Puppy Linux Discussion Forum

[prehistoric]

Just found a Puppy-related site displaying a login for LoLoLa, (don't have the accents right,) which a Google search seems to show as a singles' site. If anyone finds others out there, get the time of the attack as closely as possible, so we can trace propagation. I've notified the operator by gmail, while checking other sites.

prehistoric

edit: Now identified this as a Trojan, with name LoLoLo. Above name was mistake due to appearance.

[ymer]

If that's a Trojan, then www . ttuuxx . com is hacked also, the same LoLoLo stuff is displayed at its front page.

[prehistoric]

@ymer,

Didn't you stop to think why I failed to provide a link to a Trojan?

Are you under the control of dark powers?

prehistoric

[Caneri]

Thanks for the info.

eric

[RobertB]

I don't know if this is helpful to the problem, but I noticed in the TouTou Puppy thread ( http://www.murga-linux.com/puppy/viewtopic.php?t=24074 ) that there's a posting by "John Smith" that is an exact copy of the (French!) posting above it. It's the only posting by that user.

*EDIT* The duplicate posting features a link to a laser pointer sales site in the .sig. Also, when they cut-n-pasted the text, they turned "Cordialement " into "Cordialement Wink"...

[Flash]

If you mean this post, I'll remove it if the consensus is that it is spam. (And remove the poster from the membership list too.)

[prehistoric]

Things are slow here. Been off elsewhere, tracking. "bear" may have left a calling card on the computation freebies board some little time ago.
(WARNING: use any links with shields up! "pfix=ram", etc.)
http://freeforums.bizhat.com/index.php?mforum=com&showtopic=537&st=0&#entry1164
Doesn't anyone ever clean up that site?

How does the date and content compare with BarryK's problems? Has anyone seen an earlier example of this particular genre?

prehistoric

[ymer]

[prehistoric]

@ymer,

Sorry, I was upset because I had had no response from all my attempts to contact ttuuxxx and the Trojan was still up. There was a typo which prevented the clueless from simply clicking through, so it did no real harm. Caneri saw it and realised he needed to disable some links, which was good.

@anyone,

I've now figured out how to handle warnings in that particular case. We need a better way in general to notify site administration when a hacked site is discovered. Suggestions?

prehistoric

[maddox]

might sound dumb, what about pseudo user accounts for this
use their trick

[Sage]

I've been urging John to complete his appointment of additional savvy moderators, preferably distributed evenly across the globe. Originally, this I envisaged would better deal with the persistent spammers who remained visible until sun up in Arizona, but now the need becomes much more urgent.

[prehistoric]

Here's a quote from a PM I sent while worrying about the issues of openess and secrecy in relation to our current problem.

[paulh177]

that blog is worth a read, but is at http://blog.funtoo.org/ (the link from primitive's PM is broken for me)

[JohnMurga]

Hi,

I have received a lot of e-mails and private messages on this subject, and I am monitoring the situation and this thread. I have regular backups, and the whole server - and forum software will be upgraded some time at the end of Jan, when hopefully I'll have some time to go through the moderator situation too.

Either way I'd like to thank Flash publicly for taking care of everything moderation related so well for us

Cheers
JohnM

[kattami]

Maybe its an idea to use the wiki at www.tiddlywiki.com that stores everything in one single html file? There is also a kubrick theme that is similar to the wordpress theme for tiddlywiki here:

http://tiddlythemes.com/empties/Kubrick.html

I would think that there would be no need for servers with stuff installed, like php scripts, to have a blog online if using tiddlywiki. And if writing offline and then upload to website it will be quick to delete everything on a website if something gets compromised and insert fresh copy from the one offline.

But minus with tiddlywiki is that per today its only firefox and IE that saves changes to tiddlywiki with no problems, and that some say it gets slow when its big. Opera has a problem with saving to the file and need some extra jar file which may not work. I dont know if Seamonkey is able to save to tiddlywiki.

As for security breaches and hacking attacks, its a good question who may be behind them. Some think that even governmental elements would like to get rid of things that is focused on freedom and cooperation and sharing. After all, the internet grew to be the peoples net and not something that could be controlled. I know someone in China so I hear very often about how they are blocked from websites and such. Thats the government whos doing this.

PS: As a matter of fact I told this person about puppylinux and a few days later I heard that all sites on puppylinux is blocked in China where they are (dont know how it is with other cities there). Really strange to hear...