Ubuntu Security :: My Computer Is Being Hacked / What To Fix It?

Feb 27, 2011

I have windows computer and it is being hacked.About month ago or more some one hacked my router and install new firmware from Firmware Version: Talisman/Basic V1.2.9a

My router is linksys and SSID got changed to sveasoft.I had WPA set up and MAC filtering .

Some one hacked my router and change Firmware Version.And user name and password also got change to just admin.

Well now I got a pop up from my Kaspersky saying network attack scan.generic.TCP 74.63.245.168

only thing I can find on it http://whatismyipaddress.com/ip/74.63.245.168

It is Limestone Networks in Dallas.

Some strang things have been happing to my computer in past 4 months and is getting worse.

I have no firewall or router now.And have not gone to the store and get new router yet and I'm thinking of formatting my computer and putting linux and get good firewall like zone-alarm.

View 9 Replies


ADVERTISEMENT

Ubuntu Security :: Computer Has Been Hacked / Monitored?

Mar 22, 2011

my computer has been surely hacked for at least more than two months; my private information are being hacked and spread around! I initally used Windows Vista and I had the firewall off and no antivirus software. When I realized that my OS had been hacked, I began turning my firewall on and installing security softwares, but nothing stopped the hack.

Yesterday, I erased all my partitions and installed Ubuntu 10.10. I installed rkhunter and a firewall. I changed my static IP adress, at least for the sake of knowledge, to another one, then I got disconnected since my router only allows my old IP.

When I'm about to write my admin password, I disconnect from the network. I've scanned my system using rkhunter, and the result is a list of 30 suspicious files!

Can I adjust my router in a way that it can allow any IP adress? If yes, can I have a non-static IP adress? How to prevent the hacking in the first place? However, I believe, I don't know yet, that my Ubuntu has also been hacked...

If I can't get rid of the hacker(s), then I should permanently disconnect from internet and find another way to receive information anonymously through the internet.

View 9 Replies View Related

Fedora :: Can Computer Be Hacked When The Firewall Is In The Default Setting

Apr 5, 2011

Am I safe when surfing the web with default Firewall setting? Can My Computer be hacked when the firewall is in the default setting? I have no knowledge on configuring Firewalls

View 11 Replies View Related

Ubuntu Security :: Using Lucidlynx - How To Know If Some One Hacked My Box

Mar 8, 2010

I want to know if any one hacked or getting into my computer. I am using lucidlynx right now, My computer directly connected to modem, not using any wireless router. How can i check if some one hacked? How to prevent it?

View 6 Replies View Related

Ubuntu Security :: System Hacked / What's Going On?

Jan 3, 2011

I have a 6yo laptop...z60m. Solid little thing that I knocked around so much the hinge broke. My dad jerryrigged it so it can stay open.

So now I use it as a glorified DVD player. Then, around February the hard drive died. I put it in fresh, loaded a couple of regular games and the DVD modifications to play DVD's. So, besides the basic upgrade to 9.1 not much as been done.

Well, last week my panel disappeared. I procrastinated and last night I got on the computer. I did F2 and "xfce-panel" and my panel reappeared exactly how I'd last tweaked it.

With on exception. This blue globe, "Akonadi" had mysteriously appeared.

Thing is that I haven't installed or updated anything for 8 months...why? becuase I haven't had this thing connected to the Internet. The wireless tower has been on. (my bad) but all of the signigals in my neck of the wood are encripted so I just let it be.

I don't know where this program came from. Is it loaded in xubuntu? Why would it show up? And furthermore if there was someone with malicious intent (unfortunatly I do have to take that into consideration) have put this on for data collection?

View 8 Replies View Related

Ubuntu Security :: Warning Signs Of Having Been Hacked

Feb 19, 2011

I had a serious breach of the cellular segment of my communications network this week. All I can say is nobody got hurt. The attackers also knew where to find me via email. I'm concerned that perhaps they've penetrated this aspect of my system as well, although they seemed pretty specifically focused on the phone. There have been no changes on anything on my computer, and of course, I went ahead and changed all the passwords. How can I verify or at least look into the possibility of having been hacked as well.

View 8 Replies View Related

Security :: Server Hacked By Opyum?

Apr 11, 2011

Awoke to millions of failed SSH attempts into my public server. Behind a firewall which forwards only SSH and HTTP. Local iptables deny everything except SSH and HTTP. Exact same symptoms and results as Chris over at his site: here.I just want to know how they managed to execute a script, or make changes etc? Here's some info:According to cat /var/log/secure | grep "Accepted" no one besides myself gained entry via SSH.The FTP account (500:48 (Purposely in apache group)) is chrooted to a 775 directory and vsftpd does not accept anonymous entry. vsftpd and xferlog's are empty?

Code:
You have new mail in /var/spool/mail/root
[root@dev etc]# tail /var/spool/mail/root

[code]....

View 11 Replies View Related

Security :: LAN Hacked - How To Find Infected Machine

Jul 3, 2009

I have LAN with 20 machines. I see that one of them is infected. Its sending a lot of packets to the internet. My internet connection at this momment is realy slow. What should I do? How to detect which machine is infected? I'm using hardware firewall. Fortigate... Its hard to configure there nice logs. Any good software. I don't want to switch off network cable from each machine and check.

View 10 Replies View Related

Security :: The Server Was Hacked From So Called Tor IP Address?

Nov 14, 2010

I always use professional services to secure my servers. Everything was fine for years but a week ago my server got hacked.I don't know how the hacker got my username/password - it was not something like admin, password.9 months ago my PC was infected with some virus which connected to the FTP server by using password which was saved in CuteFTP and infected all index files with some javascript. Then I changed the user/FTP password and didn't save it anymore in Cute FTP. Of course, I checked all the folders and re-uploaded all infected files. Is it possible that this virus uploaded some hidden file which was able to get the new password for this account?

The server was hacked from so called Tor IP address. I am tiref of worrying about server security and now have an idea to get a static IP address from my ISP and to allow logins only from this IP address. What do you think about it? This idea looks good for me but are there any risks to lose access to the server. Can ISP provider change the static IP address for some reason?

View 9 Replies View Related

Ubuntu Security :: Can Be Hacked When It Is Installed As A Dual Boot With Windows7

Apr 13, 2010

I need to know whether Ubuntu can be hacked when it is installed as a dual boot with W7 by hacking windows and getting access to the Ubuntu partition?

What I would also like to know if this way can be used to put a key logger or screen capture in Ubuntu which installs next time Ubuntu is started?

View 9 Replies View Related

Ubuntu Security :: Virus In Windows Reformatted HD - Still Facebook Hacked

Apr 28, 2010

I believe it is a keylogger because my Facebook account has been hacked, I believe my email has as well. I heard that even if you reformat a harddrive, the virus could still sit there and apparently that is what happened to me. how to be rid of it and keep my security. I installed RKhunter and Chkrootkit. Rkhunter reports warning files while checking my filesystem. I can post a log if need be.

View 9 Replies View Related

Ubuntu Security :: Server Hacked - Ethernet No Longer Working

Jun 19, 2010

My server (Ubuntu 10.04 desktop) was hacked. I had my ethernet plugged in to an Intel 82557 Ethernet Pro card (Pulse) when my server was first attacked. After it was attacked I reinstalled the system but my ethernet card still would not work. Ubuntu recognized it, but it is continually disconnected and the little status lights on the card do not light up anymore.

So then I plugged the ethernet to the mother board itself. Well, my server was hacked again and now the ethernet on the motherboard does not work. Again, Ubuntu (after a reinstall) recognizes the hardware but nothing happens when I plug the etherent in. The motherboard is a BioStar P4M900 VIA chipset. I have a few of the system logs here [URL] which I saved right after the first attack.

View 9 Replies View Related

Security :: Nmap Retuns Many Non Existing Local Ip -- Hacked?

Nov 18, 2010

A scan on my computer reported as up many local ips which simply does not exist in my network. This host is supposed to have ip 192.168.0.4, but all other ip should not be there. I have a USB modem connected to a Linux box, connected itselfs to a wifi linksys router and thats it.

# nmap -sP '192.168.*.*' | grep -v down
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2010-11-18 21:46 CET
Host 192.168.0.4 appears to be up.
Host 192.168.7.27 appears to be up.
Host 192.168.10.0 appears to be up.

[Code]...

View 3 Replies View Related

Security :: Server Hacked - Finding Process Behind Sending Emails

Jun 13, 2011

I just got control over a server that was hacked several months back. The other day we started receiving rejected emails sent from my server to a yahoo email address that is no longer active that contained users login information. I am trying to find the process that is sending these emails. So far its been like finding a needle in a haystack. The email that is being sent is appending the login information each time it is sent so there must be a local file that contains this information. I have tried using grep and find without any luck.

View 2 Replies View Related

Security :: Site Definitely Hacked - Can't Delete Files To Restore Backup

Apr 9, 2010

I've discovered that after restoring my site's backup this has happened to me again. How to delete the hacked /home/crocbits directory so that I can restore the backup under the same username. When I try to delete /home/crocbits I get this message when logged in as root:

[Code]...

View 9 Replies View Related

Ubuntu Security :: Secure A Terminal Server, So That It Can't Be Hacked By Bruteforce/divtionary Tools?

Oct 8, 2010

How to secure a Terminal Server. so that it can't be hacked by bruteforce/divtionary tools ?

View 7 Replies View Related

Security :: Site Hacked - Deleting Specific Line From Files Recursively?

Apr 26, 2011

I just got an email from google saying my site contained malware. It has a line in it: "<script src='http://whitepix.info/3'></script>". I've noticed its recursively in all my .html and .txt files in my website. Can I make a linux script to run that will go through all my .html and txt files recursively and delete that line from them? I don't know how it got in all of them.

View 6 Replies View Related

Security :: Qmail Hacked In Server \ Cannot Find Any Suspicious Script Running Using Ps Xaf Command?

Jan 3, 2011

My server is probaly hacked and sending spam emails. I see them randomly in maillog (/usr/local/psa/var/log/maillog, server has a plesk panel), sometimes a few in a long time, sometimes a lot of them.Here is a sample of it:

Jan 4 00:47:08 acv360 qmail-remote-handlers[17662]: Handlers Filter before-remote for qmail started ...
Jan 4 00:47:08 acv360 qmail-remote-handlers[17662]: from=root@acv360.com

[code].....

View 7 Replies View Related

Security :: Server Hacked When Try To Log In Type Root But Won't Let Type A Password?

Jun 22, 2010

I have a server hacked when i try to log in i type root but won't let me type a passwdthere are no services up, can't see page mail nothing

View 11 Replies View Related

Ubuntu Security :: Possible Backdoor On Computer?

Apr 13, 2010

I was looking at my firewall(firestarter) logs. It shows that a program named Master's Paradise has been trying to make connections to outside from my computer on port 3129. Why would I have something like this on my machine? Is this something I need to be worried about?? Or is some legitimate program using port 3129 and the firewall log is still showing it as Master's Paradise?

View 9 Replies View Related

Ubuntu Security :: Gufw - Cannot See The Other Computer Files

Jan 1, 2010

VERY GREEN to Ubuntu. My setup:

1. computer A connects to the internet through usb dial up modem
2. computer A & B are wirelessly networked through an ADHOC network.
3. computer B doesnot need to connect to the internet.

I've installed the GUFW. If I enable it I can not see the other computer files. I use static IPs for both. I tried setting a rule but I get stumped were it asks for the port. I'm not all that familiar with ports.

View 9 Replies View Related

Ubuntu Multimedia :: Set Up As Security Camera On Computer?

Jan 8, 2010

I have a creative pc cam 300 that i have been trying to set up as a security camera, on a computer running ubuntu 9.10. I tried installing the spca5xx driver, but i can only find it for old versions of ubuntu and it doesnt work. Does anyone know how to get the driver working?

View 3 Replies View Related

Ubuntu Security :: Boot Usb On Work Computer ?

Feb 11, 2010

I work in a retail store at which there is a computer set up in the corner for customers to browse the stores website on. The problem is that that is all it will let me do. I get board, and want to do other stuff. Once windows starts, it skips the logon on screen and once loaded the only thing that can be done on the computer is browse the stores website.

However, if I unplug the computer I can while its starting up get into BIOS. So here im wondering two things. 1) If I put in the USB, boot from it, and load ubuntu (even though I will only be able to use the default programs as theres no way I would want to install it on the work computer), will I get fired? In other words, is there a way if there monitoring the computers to know what im doing or because its a different OS will I be fine. 2) Alternatively, in BIOS there is an option to disable network administration.

For this my question is the same, if I disable it, do fun stuff on the computer all day, the re-enable it before I leave is there a high change of the network administration catching on to this or no.

View 2 Replies View Related

Ubuntu Security :: Make Computer More Secure?

Dec 9, 2010

I have very little security and networking experience. What can I do to make my computer more secure?

View 5 Replies View Related

Ubuntu Security :: ISP Keeps Complaining About Infected Computer

Feb 27, 2011

For a while my ISP has been sending me emails regarding an infected computer or computers on my local network. There are 4 computers running linux and 3 running windows on said network (3x ubuntu, gentoo, 2x windows server 2003 and windows 7).Now, I haven't used Windows in oh so many years and am not responsible for those computers on this network. Does it seem like this is a virus on a Windows host or should I research and adjust my iptables settings on the router? The applied anti-virus software (I don't know which one) apparently does not find any infections. On my workstation I'm using spotify and win32 office through wine, both obtained from legal and trusted sources, and would thus not consider my wine environment a threat.

View 4 Replies View Related

Ubuntu Security :: Computer Shutdown During 11.04 Install?

Apr 29, 2011

My laptop randomly shuts off, at first I thought it was an issue with the laptop overheating but during the install of 11.04 I made sure the laptop had a fan blowing on it constantly and checked it and determined it couldn't have overheated. My problem now is that I was able to use a live cd to access my old files but was presented with only two files stating that my files were encrypted, I'm don't ever recall encrypting my files and so I'm without a passphrase.

What I'm wondering, is there a way to gain access without the passphrase? Or is there a way to fix the corrupt install?

View 4 Replies View Related

Ubuntu Security :: Install Tripwire On Computer?

May 1, 2011

I am going to try to install Tripwire on my computer. I do not know why or how to configure Tripwire policy and configuration files.

View 1 Replies View Related

Ubuntu Security :: How To Know If An Intruder Had Attacked Computer

Aug 2, 2011

How does one know if an intruder had secretly accessed one's system? Does system log help? It seems it does but I am yet to figure out how to understand those files. Can anybody please help? Or are there other ways to confirm that. It may happen that the intruder had accessed some vital information but so far had not done anything malicious.

View 2 Replies View Related

Server :: Centos 5 Hacked Again?

Apr 7, 2011

my server is web server with centos 5 & parallel 9, don't why all web sites in this server have been added a home pages which is not mind. even the mysql admin also redirected to other site, what i can do!

View 6 Replies View Related

Ubuntu Security :: Can Flash Player Bug Take Control Of Computer

Jun 6, 2010

Reading from this article New Flash Bug Exploited By Hackers : How to avoid it? In particular the article said

Quote:

A new attack on a Flash bug has surfaced that would give attackers control of a victim�s computer after crashing it, reports PC World. Adobe put out a Security Advisory about this on June 4. It is categorized as a critical issue and all operating systems with Flash are vulnerable including Windows, Linux, and Apple and it is also found in the recent versions of Reader and Acrobat.

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved