Ubuntu :: Potentially Be Infected In The Windows Sense?
Feb 18, 2011
So since I have installed Linux, I have been reading about how viruses are not nearly as likely to infect Linux systems as Windows. I am running a dual-boot though and import my profile and have a lot of my files from the Windows system on Linux; can they potentially be infected in the Windows sense?
I Clam-scanned a bunch of old CDs. Clam found 9 infected notes infected with: "Worm.Allaple-319"... I wonder if this was my problem with Ubuntu always failing? These are some of my best notes. Is it possible to clean the bugs out of them with Fedora?
My Windows XP Pro laptop has been attacked! Windows will no longer update and Microsoft Security Essentials will not update either. I've been trying to resolve the issue for over two weeks with Microsoft support, but it's just taking too long. I also tried some rescue CD options (all running some form of Linux, obviously):
- BitDefender Rescue CD (removed infections, now detects nothing),
- Kaspersky Rescue CD 10 (removed infections, now detects nothing),
- Trinity Rescue CD (won't load AV Engine, so can't use it to do anything).
Malwarebytes cleaned a bunch of stuff, but will not clean the final threat detected (it's supposed to get deleted on reboot, but never does). Hijack.FolderOptions is stuck in the accursed registry, and it keeps causing Windows Explorer to crash. I cannot rename files or work with them or everything just crashes.
So I'm ready to reinstall XP from scratch, and add a dual boot with Xubuntu & LXDE, which I'm already running on a much older laptop.
Question: I want to rescue the files I need. My idea was:
1) Install Xubuntu with dual boot.
2) Copy over files from Windows XP partition using Xubuntu.
3) Back up files to an external drive using Xubuntu.
4) Reinstall XP Pro and format hard drive.
5) Reinstall Xubuntu with dual boot.
6) Use Xubuntu for daily use.
7) Only use XP for those tasks that require it (TomTom updates ...)
Should I be concerned about the security risk from copying files from the Windows partition to the Xubuntu partition, and from there onto an external hard drive?
Is this the way to do it, or is there a better way? I just want my laptop back in working order. Right now I can't use it for anything.
Malware Potentially Implicated in 2008 Fatal Plane Crash in Spain
Quote: Investigators looking into the crash of Spanair Flight 5022 at Madrid International Airport on August 20, 2008, killing 154, found that the airline's central computer system used to monitor technical problems in its fleet was infected with malware, according to this news report. The central computer system should have warned the airline that Flight 5022, an MD-82 aircraft, was having repeat mechanical problems. [URL]
Quote: Security expert Georgi Guninski has pointed out a security issue in the 1.0 branch of OpenSSL that potentially allows SSL servers to compromise clients. Apparently the hole can be exploited simply by sending a specially crafted certificate to the client, causing deallocated memory to be accessed in the ssl3_get_key_exchange function (in ssls3_clnt.c). While this usually only causes an application to crash, it can potentially also be exploited to execute injected code.
I have an MD3000 storage attached to a Dell server via SAS cables, running Ubuntu server. The kernel keeps throwing these messages every other second on the console, but the drives from the MD are fully accessible.
Jan 3 12:04:24 node2 kernel: [71041.035822] sd 5:0:1:0: [sde] Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE
Jan 3 12:04:24 node2 kernel: [71041.035828] sd 5:0:1:0: [sde] Sense Key : Illegal Request [current]
Jan 3 12:04:24 node2 kernel: [71041.035833] sd 5:0:1:0: [sde] <<vendor>> ASC=0x94 ASCQ=0x1ASC=0x94 ASCQ=0x1
Both audio inputs (I use the integrated mic on my notebook) and jack-sense (integrated speakers/headphones) work properly, as they should. But after some time (from a few minutes up to several hours) both of them cease to work simultaneously. After that the mic input levels turn gray and the speakers don't work at all (when headphones were connected at that moment) or the speakers don't mute when I connect my headphones (if headphones were not connected then). After I reboot, everything is okay again for some time, but then it happens again. Setting mixer levels manually with alsamixer doesn't help at all. I also tried different snd-hda-intel model settings in alsa.conf, but that just made things messed up, so I stayed with the auto setting. This way everything (inputs/outputs/sense) works as it should until it simply stops working.
It's maverick, ALC268, ATI Azalia (Intel HDA), alsa 1.0.23, but I had this problem with karmic and lucid as well when I tried them. Now I want to switch from Win7, but this is the only thing keeping me from it.
I'm using an Acer Aspire 5536g and Ubuntu 10.10 x64. I can't get any sound from my mic with PulseAudio installed and the headphone jack sense function doesn't work either - when I plug my headphones I get sound from both them and my built-in speakers. I don't have any problems with PulseAudio removed.
Does it make sense to run sshd confined/protected by apparmor? I get tons of attack/hack attempts on my ssh port daily, I created a white list on my firewall to specify the IP addresses that can ssh into my network. I was also thinking of activating the sshd profile in apparmor for some added protection?
Wallpaper, with a complementary color scheme for windows decoration, and icons and sound effects inspired thereby, loaded as a set. Is there an app that does this for KDE? It seems like Linux gives me more options, but without an important tool to utilize them. I'm sorry to bring a question here that's probably been asked many times over the last decade, but the likely hits on "theme" and "windows" have overwhelmed my search fu.
I got some documents scanned today and had them put in a USB drive. The shopkeeper informed me that it has a virus, yet he transferred the files onto the USB drive. When I put it into my computer ten minutes later, the drive was not getting mounted. I read up and tried installing usbmount. After installing that, I managed to mount the drive. However, the drive was read-only on Ubuntu. On Windows, I found a virus and tried unsuccessfully to delete it (read-only). I tried again on Ubuntu, but didn't manage to delete the infected file (ReCyCleR/sEtuP.exe). I have now backed up all the files on the disk (except, obviously, the ReCyCleR directory). When I try to format the drive using gParted, I get:
For a while my ISP has been sending me emails regarding an infected computer or computers on my local network. There are 4 computers running Linux and 3 running Windows on said network (3x Ubuntu, Gentoo, 2x Windows Server 2003 and Windows 7). Now, I haven't used Windows in oh so many years and am not responsible for those computers on this network. Does it seem like this is a virus on a Windows host or should I research and adjust my iptables settings on the router? The applied anti-virus software (I don't know which one) apparently does not find any infections. On my workstation I'm using Spotify and win32 Office through Wine, both obtained from legal and trusted sources, and would thus not consider my Wine environment a threat.
Recently, I've been contacted through AIM by a showgirl who wants me to watch her webcam. I found it very unusual that I was contacted about this, especially through AIM. Now, I don't actively give out my AIM screen name. The only place I am aware of it being posted up is on Facebook, and even I have my privacy on Friends so no one outside my network could see it... and even then my birthday on Facebook is underaged for this scandalous activity.
So I don't believe my screen name was gathered from Facebook in its use in this. Is it possible that I am infected with some data mining spyware? How does Ubuntu deal with tracking cookies? I also consider that my screen name was mined from someone else's AIM account by which I was then contacted.
At home I'm currently running Hardy on a desktop machine and Jaunty (Eeebuntu) on an EeePC. I often connect the desktop to the internet via a cellphone as modem. I also often connect the EeePC to the desktop via crossover cable and SSH into the desktop so I can watch video files from the desktop on the EeePC from the sofa or bed.
I'd like to be able to use the desktop's internet connection from the EeePC. This means I have to set up the desktop so the EeePC can share its connection - this involves setting up the desktop as a gateway I believe?
Looking around for info on how to do this, I found this guide [URL]...in-ubuntu.html - but unfortunately it seems this guide has not been written correctly. It repeats itself in one section (below: repeated section in bold):
The audio plays both on speakers and headphones. I tried all variants of snd-hda-intel model=[ref, auto, dell, dell-bios, etc] but that doesn't fix this problem.
ClamAV tells me that three of my OpenOffice.org Calc spreadsheets may be infected (status "MBL_144360.UNOFFICIAL", if that means anything). This seems not entirely implausible, since yesterday I used a USB stick to transfer files from a Windows system. Anyway, I'd really like to keep these spreadsheets. Can I disinfect them somehow?
I recently ran a virus scan on my CentOS server using ClamAV's "clamscan" command to scan my entire system for viruses. After the scan was complete it said that I have 1 infected file on my computer. I COMPLETELY FREAKED OUT! Is there some kind of log that I should read to see where the infected files are? Also, does ClamAV just scan your system for viruses or does it scan and remove the virus on the computer? If you know of an alternative open source security software,
I'm now running Ubuntu 9.04. There are 2 accounts on this computer, one is linux, the other is ubuntu. Before New Year, everything had been fine. But after New Year, I came back and found that the password of this account linux had been changed. So I fixed it using my rescue disk. But since that day, it seems that this password changes every day somehow. Every day when I'm trying to log into my Ubuntu system using the account linux, it says login failed. However, I can still log in using the account ubuntu. I'm really confused. Why is this? I checked the date of expiry. Everything seems to be fine.
I'm trying to build a shared library, and am receiving several undefined reference linking errors. Specifically, ffmpeg linked with libx264. I'm aware that this is not an appropriate forum for questions specific to ffmpeg or libx264. In order for one library / application (ffmpeg) to reference another library (libx264), the linker has to know where the referenced library (libx264.so) is located in the file system.
I'm pretty sure the linker knows where libx264.so is, because I receive a different error message when I run ffmpeg's configure script if the linker can't find libx264.so. In general, should running the install target of a make file be preferred over specifying the appropriate paths in the CFLAGS and LDFLAGS environment variables? I've tried both, and it doesn't seem to make a difference in regard to my error which method I choose.
How exactly is a library referenced? My error messages are
/root/ffmpeg/libavcodec/libavcodec.so: undefined reference to `d26'
/root/ffmpeg/libavcodec/libavcodec.so: undefined reference to `d22'
/root/ffmpeg/libavcodec/libavcodec.so: undefined reference to `d2'
/root/ffmpeg/libavcodec/libavcodec.so: undefined reference to `d20'
/root/ffmpeg/libavcodec/libavcodec.so: undefined reference to `d24'
/root/ffmpeg/libavcodec/libavcodec.so: undefined reference to `d0'
/root/ffmpeg/libavcodec/libavcodec.so: undefined reference to `q1'
If I can find out what library 'd26', 'd22', etc. are declared in, I should be able to resolve the undefined references. What exactly are 'd26', 'd22', etc.? Are these functions, classes, or something else? How can I find out what functions / classes are defined in a particular library?
I noticed my Internet slows to a crawl when I'm running bittorrent, but when I look at my torrent app (Transmission), the upload/download speeds are mere kilobytes per second, and my Internet has much higher bandwidth capabilities than that. So I tested it: No torrent running
After I installed a gigabit router, I could not access my nfs server anymore; I tried with the previous physical set-up and all was OK so clearly it is the new router that is the disturbing factor. After some (and then some) experimenting, it would appear that the following specific feature needs to be enabled:
Filter Internet NAT Redirection
This feature uses port forwarding to block access to local servers from local networked computers. Select this feature to filter Internet NAT redirection. It is not selected by default.
The reason I had simply looked over it is that I did not see how internet NAT redirection could be related to the local network. As I read the details, it became clear that it really is but it also raised new questions. Have I now allowed just anyone on the internet to access my nfs server? Because the description is not very clear either as it mentions both internet and local network. And what is that odd terminology? Filtering allows access, not filtering does not - that seems like the world upside down ...
I have seen that we can scan for viruses and also virus infected files with ClamAV, but is there any possibility that ClamAV can repair virus infected files?
I have a LAN with 20 machines. I see that one of them is infected. It's sending a lot of packets to the internet. My internet connection at this moment is really slow. What should I do? How to detect which machine is infected? I'm using a hardware firewall, Fortigate... It's hard to configure nice logs there. Any good software? I don't want to switch off the network cable from each machine and check.
I ran a scan (clamscan -r --remove /home/) on my user's home directory yesterday & since I have so many users on my mail server, it takes a very long time to complete. I came back in this morning and realized that there were two infected files found during last night's scan:
After kernel upgrade to latest version I get a lot of failure messages in syslog and dmesg:
Code:
Mar 16 22:50:30 s6 kernel: [515925.148335] megasas: Failed to copy out to user sense data
Mar 16 23:07:57 s6 kernel: [516970.118242] megasas: Failed to copy out to user sense data
In my network I have 25 workstations and some servers. Everything is working in a local LAN with a firewall. The problem is that on one machine (I don't know which one) there is software installed which is sending data to the internet. Actually I don't know what it is. Last time, as I remember, it was a trojan which can create new network interfaces in Windows and send some data to the internet. Half the speed of my network connection is used by this infected machine. How can I detect which machine it is? How can I listen/capture some traffic and analyze from which machine I have more connections?
Please take a look at this time. Instead of 141-150ms it should be 4-5ms.
64 bytes from web30.ispnetz.de (62.xx.191.74): icmp_seq=1 ttl=249 time=141 ms
64 bytes from web30.ispnetz.de (62.xx.191.74): icmp_seq=2 ttl=249 time=135 ms
64 bytes from web30.ispnetz.de (62.xx.191.74): icmp_seq=3 ttl=249 time=147 ms
64 bytes from web30.ispnetz.de (62.xx.191.74): icmp_seq=4 ttl=249 time=127 ms
64 bytes from web30.ispnetz.de (62.xx.191.74): icmp_seq=5 ttl=249 time=156 ms
64 bytes from web30.ispnetz.de (62.xx.191.74): icmp_seq=6 ttl=249 time=129 ms
64 bytes from web30.ispnetz.de (62.xx.191.74): icmp_seq=7 ttl=249 time=188 ms
How can I detect which machine is infected using only Linux and a keyboard?
I have a server connected to the internet placed in a DMZ that was running ProFTPD. A couple of weeks ago there was a security threat uncovered that would grant access to external users through a buffer overflow. Of course I patched my ProFTPD quite often after that to secure my server. Now my problem is that the servers of ProFTPD were compromised and that source code with a back-door was released. To make matters worse, compromised systems notify the hacker they are infected. Is there any way to ensure I don't have a root-kit installed short of reinstalling the system?