I've used Ubuntu Linux for a while now, virus free as per the reputation. However, something strange happened; while working I realize that PHP and HTML files have been altered, with a new 'iframe' html tag with a malicious site as the src. ALL the files in the public directory. I experienced this in windows long time ago; it's a fujack. On the other hand: settling in a new office and the internet service is yet to conclude their work. The place has several wireless networks. I tried to explore with a free one; and I'm beggining to realize that doing this was probably suicide. What could have happened to the maverick? It was really humiliating... -- Samuel Waithaka http://www.linkedin.com/in/waithaka http://twitter.com/samwaithaka
Hey note that virus free is used symbolically and should not be taken to mean Unbreakable or unattackable. This further should not give you the carefree attitude to click or install any application out there. I cant point to what happened unless under an audit of the machine, just to advice you to apply the same restrictions as on windows i.e. popups, and any random software out there etc etc etc. Cheers ./TheMburu On Fri, May 6, 2011 at 10:28 AM, Samuel Waithaka <samwaithaka@gmail.com>wrote:
I've used Ubuntu Linux for a while now, virus free as per the reputation. However, something strange happened; while working I realize that PHP and HTML files have been altered, with a new 'iframe' html tag with a malicious site as the src. ALL the files in the public directory. I experienced this in windows long time ago; it's a fujack.
On the other hand: settling in a new office and the internet service is yet to conclude their work. The place has several wireless networks. I tried to explore with a free one; and I'm beggining to realize that doing this was probably suicide.
What could have happened to the maverick? It was really humiliating...
-- Samuel Waithaka http://www.linkedin.com/in/waithaka http://twitter.com/samwaithaka
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Conservatism is the adherence to the old tried against the new untried.
There's antivirus for *nix, you just don't take your *nix to the internet without protection unless you want your box and bandwidth to be used for illegal business On Fri, May 6, 2011 at 11:03 AM, TheMburu George <themburu@gmail.com> wrote:
Hey note that virus free is used symbolically and should not be taken to mean Unbreakable or unattackable. This further should not give you the carefree attitude to click or install any application out there.
I cant point to what happened unless under an audit of the machine, just to advice you to apply the same restrictions as on windows i.e. popups, and any random software out there etc etc etc.
Cheers ./TheMburu
George, well I'm not very sure about the 'carefree attitude'... I've also not installed anything in the last several weeks; I'm sure of that; except the usual updates (I know not all are from verified sources, but again it's hard for any Linux user to be immune from that). Peter, recommendation of a particular one would really help. I get several from Google and a list from Synaptic but not sure which is the best. On Fri, May 6, 2011 at 11:10 AM, Peter Osotsi <peter.osotsi@gmail.com>wrote:
There's antivirus for *nix, you just don't take your *nix to the internet without protection unless you want your box and bandwidth to be used for illegal business
On Fri, May 6, 2011 at 11:03 AM, TheMburu George <themburu@gmail.com>wrote:
Hey note that virus free is used symbolically and should not be taken to mean Unbreakable or unattackable. This further should not give you the carefree attitude to click or install any application out there.
I cant point to what happened unless under an audit of the machine, just to advice you to apply the same restrictions as on windows i.e. popups, and any random software out there etc etc etc.
Cheers ./TheMburu
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Samuel Waithaka Techiepreneur | http://groups.to/techiepreneur http://www.linkedin.com/in/waithaka http://twitter.com/samwaithaka
probably cross site scripting<http://en.wikipedia.org/wiki/Cross-site_scripting> (not sure, am not a security anything), or your database getting compromised. Using Linux does not prevent you from vulnerabilities affecting web technoclogies
Dr. Web is free like beer, theres Eset, Kaspersky etc. You can download trial versions. On Fri, May 6, 2011 at 12:01 PM, Dennis Kioko <dmbuvi@gmail.com> wrote:
probably cross site scripting<http://en.wikipedia.org/wiki/Cross-site_scripting> (not sure, am not a security anything), or your database getting compromised. Using Linux does not prevent you from vulnerabilities affecting web technoclogies
List of Probabilities - If your machine is dual boot, the HTML files were probably modified when it was booted into an infected win32 OS - Your files are accessible over NW or Mapped NW drive in a samba share that has Full RW perm for everyone
I concur with @james, most probably the problem came from someone accessing the drive from elsewhere and their infected windows machine corrupting your chmod 777 -Rf files and directories. That said, i wish there was a way you could burn your whole disk image for posterity, at least to indeed show a virus attacked maverick. :-) Its a gem. On Fri, May 6, 2011 at 6:54 PM, James Nzomo <kazikubwa@gmail.com> wrote:
List of Probabilities
- If your machine is dual boot, the HTML files were probably modified when it was booted into an infected win32 OS - Your files are accessible over NW or Mapped NW drive in a samba share that has Full RW perm for everyone
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- *“The twentieth century has been characterized by three developments of great political importance: the growth of democracy, the growth of corporate power, and the growth of corporate propaganda as a means of protecting corporate power against democracy”* ~ Alex Carey ~ Tel No: 0x2af23696
Ill go with james idea. On Fri, May 6, 2011 at 7:28 PM, [ Brainiac ] <arebacollins@gmail.com> wrote:
I concur with @james, most probably the problem came from someone accessing the drive from elsewhere and their infected windows machine corrupting your chmod 777 -Rf files and directories.
That said, i wish there was a way you could burn your whole disk image for posterity, at least to indeed show a virus attacked maverick. :-) Its a gem.
On Fri, May 6, 2011 at 6:54 PM, James Nzomo <kazikubwa@gmail.com> wrote:
List of Probabilities
- If your machine is dual boot, the HTML files were probably modified when it was booted into an infected win32 OS - Your files are accessible over NW or Mapped NW drive in a samba share that has Full RW perm for everyone
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- *“The twentieth century has been characterized by three developments of great political importance: the growth of democracy, the growth of corporate power, and the growth of corporate propaganda as a means of protecting corporate power against democracy”*
~ Alex Carey ~
Tel No: 0x2af23696
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Solomon Kariri, Software Developer, Cell: +254736 729 450 Skype: solomonkariri
James, that makes perfect sense. I think I carelessly shared directories way back and forgot to clean it up later. So I had to pay. I can only this was not a tip of the iceberg. Brainiac, I'm sure I'd get myself into more trouble instead (in a list on the wrong books)...lol... On Sun, May 8, 2011 at 11:53 AM, solomon kariri <solomonkariri@gmail.com>wrote:
Ill go with james idea.
On Fri, May 6, 2011 at 7:28 PM, [ Brainiac ] <arebacollins@gmail.com>wrote:
I concur with @james, most probably the problem came from someone accessing the drive from elsewhere and their infected windows machine corrupting your chmod 777 -Rf files and directories.
That said, i wish there was a way you could burn your whole disk image for posterity, at least to indeed show a virus attacked maverick. :-) Its a gem.
On Fri, May 6, 2011 at 6:54 PM, James Nzomo <kazikubwa@gmail.com> wrote:
List of Probabilities
- If your machine is dual boot, the HTML files were probably modified when it was booted into an infected win32 OS - Your files are accessible over NW or Mapped NW drive in a samba share that has Full RW perm for everyone
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- *“The twentieth century has been characterized by three developments of great political importance: the growth of democracy, the growth of corporate power, and the growth of corporate propaganda as a means of protecting corporate power against democracy”*
~ Alex Carey ~
Tel No: 0x2af23696
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Solomon Kariri,
Software Developer, Cell: +254736 729 450 Skype: solomonkariri
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Samuel Waithaka Techiepreneur | http://groups.to/techiepreneur http://www.linkedin.com/in/waithaka http://twitter.com/samwaithaka
Glad to be of help
participants (7)
-
[ Brainiac ] -
Dennis Kioko -
James Nzomo -
Peter Osotsi -
Samuel Waithaka -
solomon kariri -
TheMburu George