Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sat 25 Oct 2014, 08:27
All times are UTC - 4
 Forum index » Off-Topic Area » Security
CUPS port 631 security
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 1 of 1 Posts_count  
Author Message
Edwardo

Joined: 26 Jun 2013
Posts: 42

PostPosted: Thu 26 Dec 2013, 10:46    Post_subject:  CUPS port 631 security  

Running Carolina 1.1. When online I look to see who's connected.

QNetStatView lists UDP local address *.631 as CLOSE with remote address "*".

127.0.0.1.631 local address is LISTEN though I understand 127.0.0 cannot be accessed from the Internet??

After some research it seems port 631 can be exploited.

After being thoroughly hacked twice this year I am somewhat wary of almost everything.

Prior to the latest occasion I handed my machine over to a 'tech' to install XP as Puppy could not do the job (running an Excel specific addon).

When the man returned my machine after four hours in his possession I noticed the BIOS password had been removed which was OK seeing as he needed to adjust a few items there during installation. No problem so far. Up to this point the machine had been running Puppy without any problems for two months.

I got the machine back and ran Windows for about one month. I talked to a number of people over Skype with this XP version and on several occasions there were unusual crackling sounds from the speakers, on others the cursor on the screen moved entirely by itself. Quite strange.

I looked in XP Services and found the Remote Registry set to Enabled along with several other indiscreet settings.

I opened Restore System and found only one setting I was able to use, Yesterday, and all other functionalities of the Restore System were locked away from me.

I installed 'Everything', a nice little search utility that tells you when files have been modified and accessed. This revealed the System Volume Information folder was being restored every day/on reboot, presumably to restore the ratware that had been installed and prevent it from deletion.

Without making any changes to the BIOS I ran Puppy and after a few minutes the rat remapped my keyboard rendering the machine useless.

I researched BIOS viruses and found some interesting information, not immediately as most writers will tell you they are rare, hardly ever seen, difficult to install etc, which is rubbish. They most certainly exist and can and may may infect video and CD/DVD firrmware. Rakshasa is one of them. I made a first effort at removing the rat and flashed the BIOS and reformatted the hard drive but I'm not sure here, when the drive is reformatted does the MBR get cleaned? Maybe not as there's a separate command 'bootrec.exe /FixMbr' but it's not important as I will not be using Windows again.

So with this it brings me back to the 631 vulnerability.. Should I be concerned? Is this a normal Netstat entry?
Back to top
View user's profile Send_private_message 
bill

Joined: 28 May 2008
Posts: 495

PostPosted: Fri 27 Dec 2013, 14:35    Post_subject: CUPS port 631 security  

Hi Edwardo,I am not sure if this .iso would have any effect on CUPS port 631 security or not but I do know that anything that is stored in ram,whether it is put
in by the user or some artful dodger via the internet will simply be dumped from the pupsave.2fs file on shutdown.This is of course ,if the user fails to Click On the "Save By Demand Only" radio button.I have tried a couple of times to archive this .iso but so far I have been unable to upload it ,anywhere ? Should
there be anyone out there who would like to "audit" it ,give me a clue where and how to deposit it and with my speedy dialup Wink I will try to comply.cheers
SaveOnDemandOnly.jpg
 Description   
 Filesize   4.45 KB
 Viewed   174 Time(s)

SaveOnDemandOnly.jpg

Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 1 of 1 Posts_count  
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Off-Topic Area » Security
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0454s ][ Queries: 13 (0.0054s) ][ GZIP on ]