Win XP is running ESET Nod32 AV and Comodo firewall, I'm having a big problem with Nod and Ubuntu, for some reason Nod is picking up the MBR on 0 physical disk (sda) as a virus "Probably unknown TSR.Boot Virus", and says is unable to clean. Since I've just that second installed XP I'm pretty sure it's not a virus or trojan, but is picking up GRUB as a false positive.
View 3 RepliesI have just been checking one of my machines with rkhunter and got the following result:
Code:
[17:50:08] Warning: Checking for possible rootkit strings [ Warning ]
[17:50:09] Found string 'hdparm' in file '/etc/init.d/checkroot.sh'. Possible rootkit: Xzibit Rootkit
[17:50:09] Found string 'hdparm' in file '/etc/init.d/bootlogd'. Possible rootkit: Xzibit Rootkit
Using a well known search engine shows that others have come across this before: [URL] I have installed the current version of rkhunter from Debian's Unstable repo,but i still have the same result as above. I now check the rkhunter wiki,which mentions the same problem: [URL]
Quote: Here is an example on my system to remove a false positive for a certain rootkit that hit hdparm.
[Code]....
Is this a false positive from rkhunter?
/usr/bin/curl [ Warning ]
/usr/bin/ldd [ Warning ]
Chkrootkit came back ok. Running ClamAV and will only add that here if it finds anything. I just neve remember seeing these before. This is in Ubuntu 10.10
way to remove open-whois.org as an rbl from /usr/share/spamassassin/50_scores.cf/usr/share/spamassassin/72_active.cfIt's creating a lot of false positives on a mail server i am using with ubuntu. i noticed only ubuntu lucid is using updated spamassassin 3.3.1 and all others are using 3.2.5i was on spamassassin's website and noticed this issue has been resolved on spamassassin 3.3.1 but not 3.2.5i tried looking in those files but they are too complicated for me to understand.i am assuming they manually have to be removed.can anyone help with the open-whois.org rbl removal from mail servers as it is currently squatted and creating false positives?
View 5 Replies View RelatedTrying to boot a mythdora (fedora 10 + mythtv) machine and several services can't start and are reporting disk full. Not sure how this is possible though:
[root@mythbox run]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
[code]....
I thought about giving ESET NOD32 Antivirus 4 for Linux Desktop a try. But I cant seem to figure out how to install it. As it is an executable by the name ueav.i386.linux.
View 4 Replies View RelatedI bought new Sony VAIO NS31S. It had preinstalled Windows Vista. I wanted to go back to Ubuntu, cause I used it (but never been really understanding how its working) on my previous notebook. I downloaded Wubi with Ubuntu 9.10, installed, rebooted - everything was fine. I even had connection to the web (what I was very suprised to see, cause I had troubles with that Net provider on my old hardware with U 8.something).
I removed several programs, mainly games or accessories for PalmOS, etc. On the second hand I installed Kadu, Google Chrome (here I couldnt use Software Center, it was installed form downloaded package), Netbeans, and then some errors occured, so I allowed system to get updates. After installing them I switched off computer, and today (the whole story was yesterday and day before) I wanted to boot Ubuntu, but GRUB gives me command line & some info(in a while I swith VAIO off, go to the old machine, and try to rewrite text from GRUB here). I TABbed, and there was a list of commands, so I tried some of them, and It looks like my system is gone. On Windows side I think its all ok - here's my folder hierarchy:
Code:
/ubuntu
//disks
root.disk
swap.disk
[code]....
if there are /'s before files name it means its a directory. else its a normal file. Whitespaces shows what belongs where.if there already has been topic like this. Ive searched this forum for 'wubi' 'vaio' and 'grub' and there was nothing I thought might be simillar. Is it possible to switch off double system choosing? I mean Windows gives me choice to boot Windows or Ubuntu, or use some windows recovery tools. If I try to boot Ubuntu, there comes GRUB, which gives second choice of choosing Windows. But this is smaller problem, then nnot booting linux I rebooted once again. Here's what GRUB says:
Code:
GNU GRUB version 1.97~beta4
[ Minimal BASH-like line editing is supported. For the first word, TAB lists possible command comletions. Anywhere else TAB lists possible device/file completions. ] So I pressed TAB, found some commands (there's quite lot of them, so as for now I wont write them here).
Code:
sh:grub> ls
(loop0) (hd0) (hd0,2) (hd0,1)
Code:
sh:grub> linux
error: no kernel specified
Code:
sh:grub> boot
error: no loaded kernel
it turns out that I don't have my Ubuntu option in GRUB any more. I need the kernel version in order to add it to my list file. Any help? I can't boot it to find out because GRUB doesn't recognize it as an option.
View 4 Replies View RelatedI was doing some testing which is required for some of my products
Here is the strange behaviour i observed
First i did set the timezone to PST 2010 (which is less than GMT basically negative timezone)
zdump -v /etc/localtime |grep 2010
/etc/localtime Sun Mar 14 09:59:59 2010 UTC = Sun Mar 14 01:59:59 2010 PST isdst=0 gmtoff=-28800
/etc/localtime Sun Mar 14 10:00:00 2010 UTC = Sun Mar 14 03:00:00 2010 PDT isdst=1 gmtoff=-25200
[Code]....
Note:in the above case when i did set time to 2:59:55 and said ok by then CEST became CET already. That could be the reason why DST is not happening.
I tried with few other positive and negative timezone configuration all the negative time zones resets back properly where as all the positive timezones doesn't
All my timezone files are up to date,i am using fedora 9
I'd like to read opinions from people have been using either one of the two GUIs for quite a while.What do you prefer the GUI you use?
View 9 Replies View RelatedI'm on ubuntu 10.4 and Cant seem to falsely authenticate myself with my AP. I am trying to break a wep key on one of my older linksys routers; It continues to say this:
Code:
root@kevin-laptop:/home/kevin# aireplay-ng -1 1 -a xx:xx:xx:xx:xx:xx mon1
No source MAC (-h) specified. Using the device MAC (xx:xx:xx:xx:xx:xx)
11:39:16 Waiting for beacon frame (BSSID: xx:xx:xx:xx:xx:xx) on channel 6
11:39:16 Sending Authentication Request (Open System) [ACK]
11:39:18 Sending Authentication Request (Open System) [ACK]
11:39:20 Sending Authentication Request (Open System) [ACK]
11:39:22 Sending Authentication Request (Open System) [ACK]
11:39:24 Sending Authentication Request (Open System) [ACK]
11:39:26 Sending Authentication Request (Open System) [ACK]
11:39:28 Sending Authentication Request (Open System) [ACK]
11:39:30 Sending Authentication Request (Open System) [ACK]
11:39:32 Sending Authentication Request (Open System) [ACK]
11:39:34 Sending Authentication Request (Open System) [ACK]
11:39:36 Sending Authentication Request (Open System) [ACK]
11:39:38 Sending Authentication Request (Open System) [ACK]
11:39:40 Sending Authentication Request (Open System) [ACK]
11:39:42 Sending Authentication Request (Open System) [ACK]
11:39:44 Sending Authentication Request (Open System) [ACK]
11:39:46 Sending Authentication Request (Open System) [ACK]
Attack was unsuccessful. Possible reasons:
* Perhaps MAC address filtering is enabled.
* Check that the BSSID (-a option) is correct.
* Try to change the number of packets (-o option).
* The driver/card doesn't support injection.
* This attack sometimes fails against some APs.
* The card is not on the same channel as the AP.
* You're too far from the AP. Get closer, or lower the transmit rate.
root@kevin-laptop:/home/kevin#
I'm using an eeepc 701 it has an Atheros card and does injection. I have also tried it with backrack 4 and it works perfectly (it falsely authenticates with the ap and decrypts the wep key) I just cant seem to get it to work on ubuntu 10.4. Could it be a kernel issue? I found out that there is a bug in the new(er) kernel(s). If you use an older kernel (I used 2.6.31-14 which can be found here) and it magically works.
I have a system recovery partition on my drive. It's size is 1.4gb. I'm supposed to be able to boot to it but the MBR got rewritten a few times already I think. Maybe GRUB can get me to boot to it.
View 4 Replies View RelatedJust wondering how can one go about hiding their IP or displaying a false IP in Linux. Is this possible? Its not that I have anything to hide or any such things, I just like my privacy and don't like the idea that some one can track my actions and my location.
View 5 Replies View RelatedThe system requirements for ESET NOD32 Antivirus 4 for Linux are: Red Hat, Ubuntu, Debian, SUSE, Fedora, Mandriva, and most RPM and DEB Linux desktop distributions. Can this be installed on Slackware? I tried the download and install. Its says that after the install you need to reboot and an 'activate' application will start - it didn't. I used ESET in my prior Windows life and it was great so I thought, why not in my linux life!
View 12 Replies View RelatedI have a 4 disk Raid 10 with Windows 7 installed & working. (Win 7 sees this as 1 disk.)
I installed 9.10 onto a 5th disk, but I think that ubuntu saw the Raid 10 as 4 separate disks and wrote the boot loader to hd0- I had to rebuild my array & I couldn't load 9.10
For the second attempt, I disconnected my Raid 10 and 9.10 is now alive & well on the 5th disk, (presumably with the boot loader on the same disk). Both Win 7 & Ubuntu 9.10 now work but I have to steer to the required disk via the bios for loading.
I'm reluctant to play with the boot loader (GRUB?) from 9.10, because it doesn't seem to like my Windows disk array. Would something like EasyBCD (used from Win 7) be an option?
Recently a friend received a couple of emails from someone she knows with web links that purported to be about health issues. She clicked through on two of them; one gave an error, and the other went to a ****** site, so she believes these are "virus" sites. And the person who "sent" the email has just confirmed that his account was "hacked" (I'm guessing actually a virus on his computer). So, two questions:
1) She's running ubuntu 10.04. Is there any reason she should have concerns about her system's security? rkhunter gives no warnings.
2) She is also concerned that it could have compromised her email account (on gmail). I don't see how this is possible, but can anyone confirm about that?
I have added no data to my hard drive in the last few days. I saw a notification saying I had only 1.8Gb left on my drive. Shortly after I dismissed it and ran: Code: sudo apt-get clean like the notification suggested. Then, another poped up. Now it said I have 0 bytes left.
So, I opened the disk usage analizer and the data seemed normal, and not my full drive size. It still was saying I have no space so I checked the properties widow for / . It said / contained 128TB of data and the file counter showed no signs of stopping after a few minutes. Obviously my drive is not 128TB in fact it's only 500GB. Also the disk manager program (system volume information?) Said it has 28 bad sectors.
I run apt-get upgrade and get
Quote:
Preconfiguring packages ...
(Reading database ... 78720 files and directories currently installed.)
Preparing to replace apt 0.7.25.3ubuntu9 (using .../apt_0.7.25.3ubuntu9.1_i386.deb) ...
Unpacking replacement apt ...
dpkg: error processing /var/cache/apt/archives/apt_0.7.25.3ubuntu9.1_i386.deb (--unpack):
unable to create `/usr/share/locale/dz/LC_MESSAGES/apt.mo.dpkg-new' (while processing `./usr/share/locale/dz/LC_MESSAGES/apt.mo'): No space left on device
No apport report written because the error message indicates a disk full error
[Code]....
I wonder if anyone can help, I've got an annoying problem with an Acer Revo running Ubuntu 9.10 with the latest NVidia drivers. The Revo is connected to my TV via an amp by HDMI. The Revo didn't seem to like this, I'm assuming due to some handshaking issue with the HDMI which meant that no signal was being passed. Therefore, in Xorg.conf I have used
Code:
Option"UseEDID" "False" This makes the a picture appear but the highest resolution available is 640x480 (if I connect directly to my TV and comment out the "UseEDID" line the resolution is the proper 1920x1080).I have tried editing xorg.conf (the file is posted at the bottom) to force 1920x1080 resolution but nothing seems to work.
Code:
# nvidia-settings: X configuration file generated by nvidia-settings
# nvidia-settings: version 1.0 (buildd@palmer) Sun Feb 1 20:21:04 UTC 2009
Section "ServerLayout"
[Code]...
If in Software Sources I have "Download from" set to "Server for Australia", then when I run sudo apt-get update, I get a warning at the end
Code:
Reading package lists... Done
W: Duplicate sources.list entry http://dl.google.com stable/main Packages
[code]....
I have vsftpd installed on my Debian (squeeze). I wish to let a local user (ftp) access the FTP server, but not login as normal user through SSH. In vsftpd.conf, I have enabed local user and chroot. I have also changed the shell of the local user (ftp) to /bin/false. The problem is that, I cannot login the FTP server from another computer (I login as "ftp" on a Windows machine). But when I change the shell of the local user (ftp) to /bin/sh, I can login the FTP successfully.
Is this the problem of Windows, or I should use something else instead of /bin/false if I want to prevent "ftp" login service other than FTP?
I have a new (few months) HP Compaq laptop where I run Fedora 13. A couple weeks ago, it started complaining about too many bad sectors in the HD. What I have done is to remove palimpsest from load-on-start list, so I don't get the annoying message. I know the palimpsest Disk Utility has given problems like this (false positives) in Ubuntu, and F11. So my concerns are:
Is it normal in F13 to get those palimpsest warnings? Or should I consider the idea that my new HD is really failing? If this is a bug in palimpsest, is it going to be fixed soon?
I ve upgraded my system from F11 to F12 recently . Everything went good till now. Yesterday i ve tried to check if there was any update via software update and a very very bad thing happened without me knowing it updated to all dev-test packages of F13.
Is there any way of uninstalling-removing everything thats connected with F13 from my system cause now all is going very slow and laggy probably bugfull. Also my software sources tab has vanished from menu...i ve tried to edit the menu to see if i can add it back but no luck its not there also....i can enter it only via terminal.
I have set up Samba on an Ubuntu 10.04 and am attempting to back up files from a Windows 7 machine. The entire Windows 7 drive is under 300GB and the is a single 1TB drive in the Ubuntu machine with over 500GB free as can be see below.
jon@Timeh:/etc/samba$ df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda1 937824152 326054016 564131352 37% /
[code]....
My wireless connection work just fine but it gives me wrong connection status, like 10% even when I'm seating near the wireless router or disconnect status while I steal manege to use the internet at full speed.
View 1 Replies View RelatedI would like to know if there is any differences on how to install and to configure GRUB 2 in the different architectures (BIOS/IBM PC-Compatibles, EFI/MacIntel and Corebbot)? Does the Ubuntu installer automatically recognize the different architectures and install the appropriate GRUB 2 package ('grub-pc', 'grub-efi' or 'grub-coreboot' according to the arch)? Or does it just install 'grub-pc'? Is the location of GRUB 2's configuration files different depending on the arch of the computer? Or are they all located in '/boot/grub/', '/etc/grub/default' and '/etc/grub.d/', no matter the arch of the computer? Are the files' structure and options to configure GRUB 2 ('/etc/grub/default' and the scripts in '/etc/grub.d/') different depending on the arch of the computer?
View 3 Replies View RelatedI'm just slightly confused here, but... what the? Why does installing grub-doc remove BOTH grub-pc, and grub-common? So basically it seems like by installing grub-doc, I have uninstalled grub totally (yes, it is still there as the bootloader, but i have no way of updating it now!) from my system. What's the conflict between grub-doc and grub-pc, such that grub-pc has to be removed?
View 5 Replies View Relatedmy Setup is Fedora 14 x64 + radeon hd 4830 i've downloaded .run package from ati site with latest driver for x64 systems. installed it, but didn't edited grub.conf becouse i didn't understood anything there (probably didn't spent enough time to get things understand) Now i've lost possibility to enter my Fedora system. during boot it lost it's modern blue boot screen (with filling drop), it was replaced by standard old boot screen with triple-color stripe. after this boot screen monitor start blinking going on and off. and on last step i'm getting "Fedora 14 boot bla bla bla something" on screen. nothing works except Ctrl+Alt+Delete. system reboots showing successful daemons shutting sequence. How can i edit grub menu from initial grub screen is it possible to it's own 'e' option or 'c' from grub command line?
View 4 Replies View Relatedafter doing an upgrade to 10.4 and updating grub I get this message. how do I address this
[Code]...
I have an old BIOS (only 149 GB detected in 160 GB drive). I have installed very few OS as a result - Windows in first 80 GB , 2 distros (20 GB each) in next 40 MB which is within the 149 GB. On issue of "update-grub" grub seems to detect all OS and generates grub.cfg. But on boot , one distro does not appear in the menu.
View 3 Replies View Related