Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Mon 24 Nov 2014, 00:25
All times are UTC - 4
 Forum index » Taking the Puppy out for a walk » Announcements
Serious security breach on Developer Blog
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 4 of 9 [121 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6, 7, 8, 9 Next
Author Message
prehistoric


Joined: 23 Oct 2007
Posts: 1304

PostPosted: Mon 14 Jan 2008, 21:27    Post subject: attack motivation?  

@Caneri, nic2109,

Not really arguing. I said they were already aware they face criminal penalties, if caught. (As for their future, it depends on what they get away with first.) What I was trying to say is that criminal organizations are probably not yet willing to pay specifically for attacking Puppy Linux sites.

There is a real wave of spamming attacks taking place all over. (The infoweek article linked above by inged explains a lot about how.) I just found another example, checked the site using wget, and did a Google search for sites mentioning spamming and containing those links; they're widespread, and most are coping poorly. I'm not talking about the forces of darkness behind these.

My comments were about the small group which has been harrassing Barry and others for months, and has now found powerful weapons made available by others. The speed with which they adapt, and evidence of monitoring, suggests human control and a special interest in scoring against Puppy sites. If we can neutralize these people, threats from the general Internet community will propagate much more slowly in our direction. We don't have to catch them, just make them real cautious, make their successes less rewarding, and the effort more like real work. Besides, there is always the chance they will slip up under this kind of scrutiny.

As for countermeasures, If they could hear a group of old timers rhythmically chanting assembly code, from the days before C, they would know they were messing with necromancy and flee. (No, no, don't even consider chanting JCL, your soul is at stake.)

prehistoric

p.s. I have succeeded in provoking a response I was looking for. What does anyone know about member "bear"? Is his post what DSM-IV calls "word salad", or is he simply working in an unfamiliar medium? Check out all his posts!

Last edited by prehistoric on Tue 15 Jan 2008, 12:07; edited 2 times in total
Back to top
View user's profile Send private message 
alienjeff


Joined: 08 Jul 2006
Posts: 2291
Location: Winsted, CT - USA

PostPosted: Mon 14 Jan 2008, 21:52    Post subject:  

cthisbear wrote:
Ignore the spoilers


How? By rebroadcasting something like this?

Quote:
...one good thing is that they happened before Barry travelled to India ...


Now for some more Ignoring the Spoilers:

Quote:
...don't know what measures Barry has for emergencies in regard for
someone here to put things to rights


Here's your answer:

Raffy wrote:
I did not have access to FTP last night

Reference: http://www.murga-linux.com/puppy/viewtopic.php?p=166728#166728

cthisbear wrote:
Don't laugh at this....but maybe Intel could monitor and out this crumb. They have money, resources etc....


Sorry, but must LOL at that one. BTW, Intel not only has money and resources, but they also have "etc," which includes an unwritten yet very real IOU note from Barry for their "unconditional donation" of the two ClassMate computers.

Quote:
why not use them whilst they are using Barry.


At least we agree that there's no free lunch.

_________________
hangout: ##b0rked on irc.freenode.net
diversion: http://alienjeff.net - visit The Fringe
quote: "The foundation of authority is based upon the consent of the people." - Thomas Hooker

Back to top
View user's profile Send private message 
raffy

Joined: 25 May 2005
Posts: 4796
Location: Manila

PostPosted: Mon 14 Jan 2008, 21:58    Post subject: attack and survival  

prehistoric wrote:
..criminal organizations are probably not yet willing to pay specifically for attacking Puppy Linux sites.

..small group which has been harrassing Barry and others for months..

It's in this sense that I've been quiet about criticisms of the multiple web presence of Puppy Linux. It's a good survival strategy when attacks come, and surely they will.

_________________
Puppy user since Oct 2004. Want FreeOffice? Get the sfs (English only).
Back to top
View user's profile Send private message 
bobwrit


Joined: 12 Mar 2007
Posts: 286

PostPosted: Mon 14 Jan 2008, 22:18    Post subject:  

I've gotten hit now. It's not porn, but animie emoctions. There has been some posts that refer to puppy and thus it would explain it, but I know for my site A) I've got no way of removing the icons and B) it's a hhe ole in aceboard that has caused it. My site dosn't use phpbb. It's probaly an SQL or JS injection.
_________________
I need help with my forum. LINK:http://www.programers.co.nr/
http://www.freewebs.com/programm/iframe.html is my gateway page...
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger 
Pizzasgood


Joined: 04 May 2005
Posts: 6270
Location: Knoxville, TN, USA

PostPosted: Mon 14 Jan 2008, 23:26    Post subject:  

Quote:
I've got no way of removing the icons
Why not? They didn't change your password on you did they?
_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send private message Visit poster's website 
bobwrit


Joined: 12 Mar 2007
Posts: 286

PostPosted: Mon 14 Jan 2008, 23:36    Post subject:  

No, no change in password. Just that in the admin uploaded smilies list they're not there. It's only the admin that can upload smilies on the board too.
_________________
I need help with my forum. LINK:http://www.programers.co.nr/
http://www.freewebs.com/programm/iframe.html is my gateway page...
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger 
bear

Joined: 25 Dec 2007
Posts: 14

PostPosted: Tue 15 Jan 2008, 06:23    Post subject:  

@prehistoric

As far as i understood when I followed a link earlier from this thread some like that turkish guy use Barry's site as a proxy to illegal sites.

The rats show themselves on what they die, the bear shows his children....
About porn: maybe a year ago I suddenly saw spam in the forum from a poster named Grizzlybeer, which had been removed in minutes (shocking to me).

Maybe two decades ago Berlin was the second biggest turkish city!


So, what do I mean?

Personal attack to Barry or not maybe the question.

We're all lucky when we've got a job and we all know that the states employees always have to work coz work is growing and growing.

Months ago I saw in a post from NathanF his mp3's: shocking, "Spooky Tooth". (Couldn't buy them myself at that time)

In my opinion and knowledge secret services behave like flies: definately senseless (no more cold war)!

Nothing to do
Back to top
View user's profile Send private message 
bear

Joined: 25 Dec 2007
Posts: 14

PostPosted: Tue 15 Jan 2008, 06:39    Post subject: P. S.  

in 1982 I saw my bookcase for a second in TV.

Talking with my woman, however daily I took an hour for myself in "my own" room. Listening to culture radio, the 2nd biggest Radiostation in Europe behind TASS.

Was it "tea time small talking" at seven pm?

EHEM!!!
Back to top
View user's profile Send private message 
rockym93


Joined: 04 Jul 2006
Posts: 21
Location: Australia

PostPosted: Tue 15 Jan 2008, 07:24    Post subject:  

DON'T POST WHEN YOU'RE LEAVING. If they know you're away, they can strike without it being fixed.

This guy did (ironically enough he was going to India too), and ended up losing his domain name. Unrelated to porn links but better safe than sorry.

http://davidairey.co.uk/google-gmail-security-hijack/

_________________

Back to top
View user's profile Send private message Visit poster's website 
raffy

Joined: 25 May 2005
Posts: 4796
Location: Manila

PostPosted: Tue 15 Jan 2008, 09:36    Post subject: planted  

In one site that I keep, it has planted php and mysql code on December 24, 2007, and the scripts have been intermittently called since then.
_________________
Puppy user since Oct 2004. Want FreeOffice? Get the sfs (English only).
Back to top
View user's profile Send private message 
alienjeff


Joined: 08 Jul 2006
Posts: 2291
Location: Winsted, CT - USA

PostPosted: Tue 15 Jan 2008, 12:37    Post subject:  

Wonder what OS is in use by these Puppy hosting companies? Wink
_________________
hangout: ##b0rked on irc.freenode.net
diversion: http://alienjeff.net - visit The Fringe
quote: "The foundation of authority is based upon the consent of the people." - Thomas Hooker

Back to top
View user's profile Send private message 
MU


Joined: 24 Aug 2005
Posts: 13644
Location: Karlsruhe, Germany

PostPosted: Tue 15 Jan 2008, 13:38    Post subject:  

Servage: Linux node2.c23 2.6.17-1.2142_FC4smp
So seems to be Fedora Core 4.
On minisys.org we use Slackware, Suse and Puppy, it depends on the Sub-websites. We migrate from Suse to Slackware/Puppy currently, but this is not completed yet.
Mark
Back to top
View user's profile Send private message Visit poster's website 
wingruntled

Joined: 20 Feb 2007
Posts: 287
Location: Great Lakes

PostPosted: Tue 15 Jan 2008, 14:38    Post subject:  

AJ
To answer your question.

Initiating server query ...
Looking up IP address for domain: puppylinux.com
The IP address for the domain is: ********************
Connecting to the server on standard HTTP port: 80
[Connected] Requesting the server's default page.
The server returned the following response headers:
HTTP/1.1 200 OK
Date: Tue, 15 Jan 2008 18:29:09 GMT
Server: Apache
Last-Modified: Sun, 13 Jan 2008 19:31:34 GMT
ETag: "6ab00dd-8bbf-9b777180"
Accept-Ranges: bytes
Content-Length: 35775
Connection: close
Content-Type: text/html
Query complete.

Just for the heck of it I queried everybody in this thread that has a page and I did not find a single MS host server.

Das ist auch gut so Smile
Back to top
View user's profile Send private message 
Bruce B


Joined: 18 May 2005
Posts: 11131
Location: The Peoples Republic of California

PostPosted: Tue 15 Jan 2008, 17:06    Post subject:  

This is the first I noticed this topic. Condolences extended.

After reading it through, my first theory was: It starts with a php capability which in turn exploits a wordpress vulnerability.

Following this theory, I then checked: Google wordpress php vulnerability
Back to top
View user's profile Send private message 
prehistoric


Joined: 23 Oct 2007
Posts: 1304

PostPosted: Tue 15 Jan 2008, 18:05    Post subject: Doesn't this sound relevant?  

Notice this response to John Murga's announcement of security downtime by "bear".
http://www.murga-linux.com/puppy/viewtopic.php?t=25457

Quote:

move it to spam

NATHAN war der Weise!


Remember, how Nathan's Grafpup differs? He does not use root privileges for everything.

Bear has made 14 posts since 25 Dec 2007, and half of them were today, and also rather strange. He has not made any posts to German threads, yet he appears to speak German as well as he speaks any language.

I would say he decided this identity was compromised very recently and threw caution to the winds.

If bear isn't connected with security problems and spamming, what does this mean? Perhaps, he will post an explanation in this thread.

prehistoric
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 4 of 9 [121 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6, 7, 8, 9 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Taking the Puppy out for a walk » Announcements
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0943s ][ Queries: 12 (0.0053s) ][ GZIP on ]