Page 3 of 4
Posted: Wed 22 Jun 2011, 10:18
by nooby
If I want a how to close down gently?
Yes that what I asked but maybe failed to express clearly!
Posted: Wed 22 Jun 2011, 14:35
by Bruce B
Nooby,
Here is your how-to practice it on a normal running firefox. Use it in the even firefox hangs loading a page, acts up, or looks like a website is up to mischief.
1) Left-Alt+Left-Ctrl+F2 (drops you to a text mode tty)
2) Enter login name and password
3) Open htop
4) Select the firefox threads, use arrow keys and kill them with signal 15
5) Left-Alt+F3 (or F4 or F5) depends on number of ttys to return to X session
I use this when X locks up because some mal designed web page has brought the browser and all of X to a virtual standstill
~
Scenario to consider
Posted: Wed 22 Jun 2011, 17:38
by gcmartin
A scenario: this is an hypothetical case for comment
Lets suppose someone has a forum. And, a moderator of that forum chooses to use their power to 'target' a forum member. Invading the member and placing a poison pill that begins to go the work on the member's network PCs. Should this be called a virus if it begin its bad behavior from a Linux machine?
Questions which arise
We all know this is misuse of power, but;
- should a "poison pill" like this be called a virus?
- when this is detected, where or how should it be reported?
- What would you do if you discovered this?
- And, if you found that it was corrupting your filesystems, then what?
Posted: Wed 22 Jun 2011, 19:29
by postfs1
To reedit up to date.
Posted: Wed 22 Jun 2011, 19:45
by Sky Aisling
Here is Wiki's definition of 'Virus' (not that Wiki is the last word in definitions)
http://en.wikipedia.org/wiki/Computer_virus
Computer virus ...
Not to be confused with Malware.
A computer virus is a computer program that can copy itself[1] and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.[2]
Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.[3][4] ...
Perhaps this can give a point of reference in the discussion.
Posted: Wed 22 Jun 2011, 20:12
by nooby
Thanks Bruce. What user name and password has Puppy?
When are one supposed to set up such for root?
We need a better word than Virus to refer to unwanted intrusion.
Unwanted Deceptive Code entering the computer regardless of how it did enter.
Could be the user who click a deceptive link.
Posted: Wed 22 Jun 2011, 21:01
by gcmartin
Yes @Sky Aisling and Yes @Nooby. I think you're seeing what I getting at. Others are too.
Its not just that exploitation occurs; they do and will continue. But, in Linux, who delivered the notion that exploitations (viruses) "do not occur?" Further why did this notion occur. This is NOT a conspiracy, Its a paradigm.
We are saying (asking) the same?
When I report an anomaly that is observed within a subsystem/OS, it gets patched or fixed via an upgrade. Often times, we are told that it is a security mod.
But, often times the user community is exploited before the discovery is made. When in Linux, what are we to call it?
This is not a "yell in the wild". The awareness level is already being seen right here in Puppyland.
Posted: Thu 23 Jun 2011, 21:52
by 8-bit
I picture Flash running from his live DVD puppy with no hard drive.
So in his case, I guess it would be that the computers memory got a virus.
It would take a bit of extra work for a virus to be set up so as to save itself to a live DVD session!
I also got one of those popup warnings that my computer was infected and a quick scan was being done.
So I see a Windows XP desktop with a virus scanner running.
I was running Puppy and thought it was fun to watch.
But.....
My wifes PC running Windows XP had the same thing show up.
I walked over and powered down her computer, but the damage was done.
After rebooting, any application I tried to open brought up a popup window saying the application was infected and to buy their product to remove the virus.
I determined a startup program had been installed and booted Puppy from cd and removed that nasty program.
So in my case, I lucked out.
Posted: Fri 24 Jun 2011, 06:38
by Sylvander
Just now discovered that a 1GB Flash Drive I use to hold valuable/useful PET files and such...
Has LOST all of its former contents...
Which have been replaced by .REC and .REN filpairs...
Numbered from 0000, increasing by one digit steps all the way to 0127, when .REN ceases, and .REC continues all the way to 1342.
This drive was probably connected at the time of "the event" mentioned previously.
Posted: Fri 24 Jun 2011, 10:25
by Bruce B
Sylvander,
Would it be too much trouble explaining step by step what happened?
Bruce
~
Posted: Fri 24 Jun 2011, 10:28
by Bruce B
Impervious Puppies - three types I can think of
1) multi-session optical without saving session
2) flash stick frugal install without saving session
3) improvising a read only puppy
~
Posted: Fri 24 Jun 2011, 10:45
by Bruce B
nooby wrote:Thanks Bruce. What user name and password has Puppy?
When are one supposed to set up such for root?
The user name is arbitrary: root
You can set the root password using the passwd utility. Very easy
Code: Select all
[~] passwd
Changing password for root
New password:
nooby wrote:We need a better word than Virus to refer to unwanted intrusion.
Virus is too specific. How about badware or malware?
~
Posted: Fri 24 Jun 2011, 11:02
by Bruce B
gcmartin wrote:But, often times the user community is exploited before the discovery is made. When in Linux, what are we to call it?
This is not a "yell in the wild". The awareness level is already being seen right here in Puppyland.
I would want specifics to support the claim "
But, often times the user community is exploited before the discovery is made."
Even if true, it seems we'd have to be exploited
before we could discover we were being exploited.
I think it is because we are not being exploited we don't have our guard up, which isn't wise from a security perspective.
~
Posted: Fri 24 Jun 2011, 16:03
by Sky Aisling
Bruce B writes:
I think it is because we are not being exploited we don't have our guard up, which isn't wise from a security perspective.
Thank you gcmartin for nudging us toward this awareness.
Posted: Sat 25 Jun 2011, 05:51
by Sylvander
1. Bruce B said to me:
"
Would it be too much trouble explaining step by step what happened?"
See this post earlier in this thread.
Posted: Sat 25 Jun 2011, 13:22
by 8-bit
Sylvander,
Do you remember the section and the post that gave the video link that gave you the problem.
As a security issue, it would be good if that post was removed or at least the video link in it that cause a problem for you.
Posted: Sat 25 Jun 2011, 14:44
by Bruce B
Thank you
I think I meant what happened to the USB files. It looked to me like maybe you ran a file system repair utility in hopes of fixing it.
Also, in the off chance you kept the old pupsave file I could try and do a postmortem on it if you want.
The Flash plugin is proprietary. It has never been safe. We can't know all Adobe withholds from us or its weaknesses. Such is the nature of closed source software.
It is risky to use the Flash plugin. I take the risk as I think most people do.
I also decided to run Firefox as user spot and I'm very pleased doing it that way.
Bruce
~
Posted: Sat 25 Jun 2011, 16:03
by Sylvander
@
8-bit
1. "
Do you remember the section and the post that gave the video link that gave you the problem."
See this post giving the reply to that same question [by rjbrewer] in my thread on the subject.
@
Bruce B
2. "
I think I meant what happened to the USB files."
I've no idea, the first time [a few days after the "event"] I mounted the partition on the Flash Drive, all my files were gone, with a load of other files in their place.
3. "
maybe you ran a file system repair utility in hopes of fixing it."
I did nothing to the Flash Drive...
I wonder if some Puppy [or Win2000Pro?] did the deed automatically?
I've been working on
Legacy OS 2, which wouldn't boot at first, then I tried using a "Smart Boot Manager" [SBM] floppy, and afterward both CD-R & CD-RW would boot OK.
Normally I have no trouble by leaving the Flash Drive connected.
4. "
in the off chance you kept the old pupsave file I could try and do a postmortem on it if you want"
I deleted the [infected?] lupusave file, and restored a recent backup lupusave.
Posted: Sat 25 Jun 2011, 16:11
by Bruce B
Sylvander,
It appears to my critical and skeptical eye that you really got hit by something nefarious.
Flash plugin has known exploits. The general rule is - it is exploited by specially crafted flash files.
Also, worth considering is, even so called reputable companies put bad flash files in your browser. This happens when they outsource work to people in far away places and the company doesn't have direct control over their own flash media.
My rule is try not to interact with the media, but this isn't always easily done. Let alone a cure all.
Thanks for your replies.
Bruce
~
Reacting to Media?
Posted: Sat 25 Jun 2011, 18:15
by Sky Aisling
Bruce wrote:
My rule is try not to interact with the media...
What do you mean, not to interact with the media? What do you mean by the word *media*?