
Posted: Mon 04 Jan 2010, 14:52
by mikeb
From that thread you are talking about XP with Internet Explorer installed...so normal behaviour...you don't even have to run IE to get those.

You made it sound like this had happened whilst using Puppy...my misunderstanding, sorry

regards

mike

Posted: Mon 04 Jan 2010, 16:50
by nubc
@mikeb
Your first impression was correct. The problem happens with Puppy Seamonkey, there is a recent report of Ubuntu (Firefox) getting the rogue AV popups, and even Macs seeing the problem. Since these popups and page redirects come from advertising, a good temporary fix for Mozilla browsers is to stop the ads with Adblock.

Posted: Mon 04 Jan 2010, 20:03
by mikeb
" Your first impression was correct. The problem happens with Puppy Seamonkey, there is a recent report of Ubuntu (Firefox) getting the rogue AV popups, and even Macs seeing the problem. Since these popups and page redirects come from advertising, a good temporary fix for Mozilla browsers is to stop the ads with Adblock. "

ah those things....they use javascript and then make a page look like Windows Explorer or similar, or as you mention, the "you are infected" tripe...if only they knew :D. I'm not sure how the javascript settings in preferences would affect these happenings..the ones designed to limit what javascript can do.

mike

Pop-unders

Posted: Mon 04 Jan 2010, 21:03
by drongo
I have seen those kind of "scare-windows" a few times whilst using Puppy. They are quite amusing - especially the ones that refer to directories which you don't even have on your Windows partition - which isn't even mounted!

You sometimes see a pop-under window which only appears after you close or minimise the browser but this is just a scary window, it doesn't mean they are scanning or installing anything on Puppy Linux. Some of them are quite persistent - the only way I can get rid of these is to kill the process.

As far as I know, though, all quite harmless if you are using Puppy. I know this might be alarming for would-be Windows refugees but is it possible the pop-under is generated by a site you visited before Puppy Linux? If the Puppy forum is the last site you visit before closing the browser that's when you'd see the pop-under.

I usually visit the Forum with adblock enabled either on Seamonkey in Puppy or on Firefox in XP. Is it possible that's why nobody else has reported this? If it comes from an ad I'd never see it.

The last thing we should be doing is allowing these rogues to scare people away from Puppy.

Posted: Mon 04 Jan 2010, 21:42
by nubc
word to the wise: When I was getting those popups on Puppy Forum, I actually had one trojan and three rootkits in operation on my Windows computer, which I occasionally used to visit the forums. The rootkits prevented my security software from detecting them, as well as preventing Windows security patches and updates from AVG.

More details required

Posted: Mon 04 Jan 2010, 23:08
by drongo
Well tell us their names, then perhaps someone can scan the Forum for nasties - assuming it isn't some ad containing a cross-site script which is no longer present.

The problem with modern exploits like this is that one vulnerability may be used as an enabler or hook for something else to attack your system. You may have picked up the rootkits from elsewhere and these enabled some nasty on the Forum to try something else.

Worst infestation I have ever encountered (not on one of my own machines) was two and a half million files produced by a worm (I think it was) on a Windows Server. Couldn't even open that directory in Windows. If you opened a command line the machine rebooted. It modified something/System32/drivers/etc/hosts so that all common anti-virus sites were mapped to 127.0.0.1 . It prevented you viewing hidden directories or files which it had dumped on the machine and did a whole heap of other nastiness.

Fixed it with SLAX (Puppy wouldn't mount the RAIDed drives). Even that couldn't open a directory with millions of files in a graphical window so I deleted them all from CLI.

Point is, I have fixed broken/infested Windows boxes a few times with a Linux live-CD (usually Puppy)

I have never fixed a rootkitted Linux box with a Windows recovery disk!
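Added example, not part of drongo's post: a check for the hosts-file tampering described above (anti-virus sites mapped to 127.0.0.1), run from a live-CD shell against the hosts file of the mounted Windows volume. The vendor keyword list and the sample file are constructed assumptions for illustration.

```shell
#!/bin/sh
# Audit a hosts file taken from an offline (live-CD mounted) Windows volume.
# VENDOR_RE is an assumed, illustrative list of security-vendor labels;
# extend it for the products actually in use.
VENDOR_RE='(^|[.])(avg|avira|avast)[.]'

# audit_hosts FILE
# Prints "SEVERITY<TAB>ADDRESS<TAB>HOSTNAME" for every hostname pinned to a
# loopback or null address that is not an ordinary localhost alias.
audit_hosts() {
    tr -d '\r' < "$1" | awk -v vendors="$VENDOR_RE" '
        { sub(/#.*/, "") }                          # drop comments
        NF < 2 { next }                             # blank or address-only line
        $1 !~ /^(127\.|0\.0\.0\.0$|::1$)/ { next }  # only loopback/null targets
        {
            for (i = 2; i <= NF; i++) {
                h = tolower($i)
                if (h ~ /^(localhost|localhost\.localdomain|ip6-localhost|ip6-loopback)$/)
                    continue
                sev = (h ~ vendors) ? "BLOCKED-SECURITY-SITE" : "SUSPICIOUS"
                printf "%s\t%s\t%s\n", sev, $1, h
            }
        }'
}

# Constructed sample input (CRLF line endings, as on Windows); not real data.
sample_hosts() {
    printf '%s\r\n' \
        '# Copyright (c) Microsoft Corp.' \
        '127.0.0.1       localhost' \
        '127.0.0.1 www.avast.com download.avg.com   # injected' \
        '0.0.0.0 update.avira.com' \
        '127.0.0.1 ads.example.test' \
        '192.0.2.10 fileserver.example.test'
}

# Usage: pass the path of the hosts file on the mounted volume;
# with no argument the constructed sample is audited instead.
if [ "$#" -ge 1 ]; then
    audit_hosts "$1"
else
    tmp=$(mktemp) && sample_hosts > "$tmp" && audit_hosts "$tmp"
    rm -f "$tmp"
fi
```

Entries reported as SUSPICIOUS can be legitimate ad-blocking lines, so review them before deleting anything; BLOCKED-SECURITY-SITE entries are the pattern described in the post.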

Posted: Tue 05 Jan 2010, 02:29
by cthisbear
" word to the wise: "

///////////

Dreamin.

http://www.imdb.com/title/tt0118826/quotes
" I am sorry to tell you in quite this fashion.

Tell 'im 'e's dreamin'

http://www.youtube.com/watch?v=dik_wnOE4dk

///////////

Wise up.
Did you not read my second post.

" I am sorry to tell you in quite this fashion.

But >>>>Absolute Bullshit Moment. "


http://www.murga-linux.com/puppy/viewtopic.php?t=48548

Posted: Tue 05 Jan 2010, 03:09
by nubc
Oh, I know the nasties came from another source, not Puppy Forum. Sorry if I gave the impression the problem originates here. Point being, if you're seeing popups here, you may already have trojans, possibly rootkits. At least, I had those guests on my WinXP laptop when I was seeing popups here. The incidents I mention above are reports on another forum.
http://www.murga-linux.com/puppy/viewto ... 144#378144

I personally experienced rogue AV popups and spontaneous browser closing using Puppy Seamonkey 1.1.8 on the problem site (not Puppy Forum). That's why I requested Adblock, and user Patriot supplied a link to the latest version for Seamonkey 1.1.x. Works good, smooth installation, no problems so far.
Adblock Plus version 1.0.2
https://addons.mozilla.org/en-US/seamon ... sions/1865

@cthisbear: np

Posted: Tue 05 Jan 2010, 03:41
by cthisbear
" Oh, I know the nasties came from another source, not Puppy Forum. "

My apologies then.

Chris.

Posted: Wed 06 Jan 2010, 21:43
by Aitch
nubc

I find running ABP, + Noscript + WOT in either seamonkey or firefox/firepup works for most nasties

WOT will warn of sites before you visit, but spammer redirects are OS independent

https://addons.mozilla.org/en-US/seamon ... 7604afae7a

https://addons.mozilla.org/en-US/firefox/addon/3456


Aitch :)

Malware is coming, we need to be ready for it

Posted: Mon 11 Jan 2010, 06:47
by benali72
With all due respect to everyone here, I believe the sanguine attitudes in this thread about the immunity of Linux and Puppy to viruses and other malware are inaccurate and unfortunate.

Malware today is predominantly criminal in intent. It is often developed in parts of the world that are largely immune to western legal prosecution and it is often well-organized, technically proficient, and highly capitalized.

When Linux malware gathers steam it could be highly effective simply because the Linux community as a whole does not yet take the threat seriously and has not prepared for it. Many Linux users don't know to turn on their firewalls (it's not on by default in Ubuntu and Puppy... why not? it is in Windows), and they are under the impression they don't have to install anti-malware scanners. This makes them easy prey -- so when significant Linux malware appears, we could really get walloped, and our well-deserved reputation for superiority to Windows in this area could become tarnished. We could end up looking pretty naive for having not prepared to repel even the less sophisticated attacks that are initially expected.

I hope the Linux community will start to take this threat more seriously before we find our reputation compromised.

Posted: Mon 11 Jan 2010, 08:28
by Lobster
A Windows user was scammed
Bless her, she now has a website
She was featured in this week's BBC Click program
and is campaigning to make Windows safer and offering tests like so
http://www.cyberfraud.org.uk/risk/isyou ... rsafe.aspx

Taking these tests you will find Puppy is 'unsafe' (not quite true)
In fact you might like to read how the Borg will be defeated in another multiverse . . .
http://www.ariel.com.au/jokes/Star_Trek ... cript.html

anyways . . . I wrote to her and suggested she used Puppy.
Which is safer than any known Windows configuration

For those needing military grade software I would recommend
BSD - but then . . . many military outfits are using Windows.
The NSA I believe use a hardened Linux

Maybe this scam and bad site search engine will be of use . . .
http://www.jasonmorrison.net/is-this-a-scam/

Perhaps someone would be kind enough to write a Puppy Virus
so that everyone who needs one can study the code?
(Make it Open Source)
- Or you might not bother . . . :oops:

Normal tin hat paranoia is now resumed . . .

Posted: Mon 11 Jan 2010, 14:52
by mikeb
" I hope the Linux community will start to take this threat more seriously before we find our reputation compromised. "

If you had any understanding of why Windows gets infected you would not make such statements....a common myth.
Microsoft have known the cause and the cure for years but will never implement it because having an OS that will fail after a year or 2 is good business for them.

I have in the past deliberately clicked on scam links, visited dodgy sites and run infected binaries on puppy and the worst I ever got was a browser crash....try it.

mike

Posted: Mon 11 Jan 2010, 17:12
by Aitch
" Perhaps someone would be kind enough to write a Puppy Virus
so that everyone who needs one can study the code? "

Lobster,

Just for you :wink: [well not code, exactly as intended]

Image

or anyone else wanting to spoof their non-believing friends

He He - A Puppy-harmless-virus

Aitch :)

Posted: Mon 11 Jan 2010, 18:35
by mikeb
Actually I seriously want a windows (and linux?) program to run an icon in the taskbar and have a pop up with reassuring 'you are up to date and safe' messages as the majority are so conditioned that viruses and antivirus crap is the norm they need a placebo I feel

mike

Posted: Tue 12 Jan 2010, 06:06
by Lobster
" I have in the past deliberately clicked on scam links, visited dodgy sites and run infected binaries on puppy and the worst I ever got was a browser crash....try it. "

Thanks guys

Puppy users are curious users.
We take responsibility for our actions. For example we intend to run as root and if we delete our files, we know we are the culprit. We want to access our hard drive and files without too much 'mounting'. We friskily go to the dangerous regions of scams and trojan downloaders.

We are not scared or slowed down by our computers or operating system. We don't need 'a reputation' because we are free and have nothing to lose. :)

Run GROWL if you need to
http://www.murga-linux.com/puppy/viewto ... 216#335216

Whatever you do - Do not go and press this button - you have been warned . . . :roll:
http://www.emergencyyodel.com/

Here is something for you to play with - a hacker's Linux
(oops- I mean penetration testing software)
http://www.backtrack-linux.org/

XWindows won't run

Posted: Tue 12 Jan 2010, 06:16
by Frank Cox
Hi Pizza: I was trying the different settings in the xorgwizard and then typing xwin . Then I was away from that machine a few days and now it works perfectly.

Thanks for the advice, I made a copy of the commands you suggested and if it happens again I will be that far ahead.

Thanks!

Posted: Tue 12 Jan 2010, 15:56
by mikeb
Ok ...another scary button to press...this may infect your mind :shock:
http://indogo.org/music/tart2.swf

mike

Posted: Thu 14 Jan 2010, 05:47
by benali72
Good Wikipedia article on Linux malware here -- http://en.wikipedia.org/wiki/Linux_malware. Great to see that AVG, Avira, and Avast! now all offer free Linux anti-malware.

Posted: Thu 14 Jan 2010, 15:20
by mikeb
Lots of 'could' and 'would' in there and no 'actuals'...seems like people want there to be a problem...no mention of why windows is so vulnerable and how those mechanisms do not exist on other systems.

Any system can be sabotaged if a file can be added and executed...the question is how is that achieved.

mike

ps did you press the button