Puppy Linux Discussion Forum

[mikeb]

From that thread you are talking about XP with Internet explorer installed...so normal behaviour...you don't even have to run IE to get those.

You made it sound like this had happend whilts using puppy...my misunderstanding sorry

regards

mike

[nubc]

@mikeb
Your first impression was correct. The problem happens with Puppy Seamonkey, there is a recent report of Ubuntu (Firefox) getting the rogue AV popups, and even Macs seeing the problem. Since these popups and page redirects come from advertising, a good temporary fix for Mozilla browsers is to stop the ads with Adblock.

[mikeb]

[drongo]

I have seen those kind of "scare-windows" a few times whilst using Puppy. They are quite amusing - especially the ones that refer to directories which you don't even have on your Windows partition - which isn't even mounted!

You sometimes see a pop-under window which only appears after you close or minimise the browser but this is just a scary window, it doesn't mean they are scanning or installing anything on Puppy Linux. Some of them are quite persistent - the only way I can get rid of these is to kill the process.

As far as I know, though, all quite harmless if you are using Puppy. I know this might be alarming for would-be Windows refugees but is it possible the pop-under is generated by a site you visited before Puppy Linux? If the Puppy forum is the last site you visit before closing the browser that's when you'd see the pop-under.

I usually visit the Forum with adblock enabled either on Seamonkey in Puppy or on Firefox in XP. Is it possible that's why nobody else has reported this? If it comes from an ad I'd never see it.

The last thing we should be doing is allowing these rogues to scare people away from Puppy.

[nubc]

word to the wise: When I was getting those popups on Puppy Forum, I actually had one trojan and three rootkits in operation on my Windows computer, which I occasionally used to visit the forums. The rootkits prevented my security software from detecting them, as well as preventing Windows security patches and updates from AVG.

[drongo]

Well tell us their names, then perhaps someone can scan the Forum for nasties - assuming it isn't some ad containing a cross-site script which is no longer present.

The problem with modern exploits like this is that one vulnerability may be used as an enabler or hook for something else to attack your system. You may have picked up the rootkits from elsewhere and these enabled some nasty on the Forum to try something else.

Worst infestation I have ever encountered (not on one of my own machines) was two and a half million files produced by a worm (I think it was) on a Windows Server. Couldn't even open that directory in Windows. If you opened a command line the machine rebooted. It modified something/System32/drivers/etc/hosts so that all common anti-virus sites were mapped to 127.0.0.1 . It prevented you viewing hidden directories or files which it had dumped on the machine and did a whole heap of other nastiness.

Fixed it with SLAX (Puppy wouldn't mount the RAIDed drives). Even that couldn't open a directory with millions of files in a graphical window so I deleted them all from CLI.

Point is, I have fixed broken/infested Windows boxes a few times with a Linux live-CD (usually Puppy)

I have never fixed a rootkitted Linux box with a Windows recovery disk!

[cthisbear]

" word to the wise: "

///////////

Dreamin.

http://www.imdb.com/title/tt0118826/quotes
" I am sorry to tell you in quite this fashion.

Tell 'im 'e's dreamin'

http://www.youtube.com/watch?v=dik_wnOE4dk

///////////

Wise up.
Did you not read my second post.

" I am sorry to tell you in quite this fashion.

But >>>>Absolute Bullshit Moment. "


http://www.murga-linux.com/puppy/viewtopic.php?t=48548

[nubc]

Oh, I know the nasties came from another source, not Puppy Forum. Sorry if I gave the impression the problem originates here. Point being, if you're seeing popups here, you may already have trojans, possibly rootkits. At least, I had those guests on my WinXP laptop when I was seeing popups here. The incidents I mention above are reports on another forum.
http://www.murga-linux.com/puppy/viewtopic.php?p=378144#378144

I personally experienced rogue AV popups and spontaneous browser closing using Puppy Seamonkey 1.1.8 on the problem site (not Puppy Forum). That's why I requested Adblock, and user Patriot supplied a link to the latest version for Seamonkey 1.1.x. Works good, smooth installation, no problems so far.
Adblock Plus version 1.0.2
https://addons.mozilla.org/en-US/seamonkey/addons/versions/1865

@cthisbear: np

[cthisbear]

" Oh, I know the nasties came from another source, not Puppy Forum. "

My apologies then.

Chris.

[Aitch]

nubc

I find running ABP, + Noscript + WOT in either seamonkey or firefox/firepup works for most nasties

WOT will warn of sites before you visit, but spammer redirects are OS independent

https://addons.mozilla.org/en-US/seamonkey/addon/3456?collection_id=1f340a06-ddaf-7206-6b98-517604afae7a

https://addons.mozilla.org/en-US/firefox/addon/3456


Aitch

[benali72]

With all due respect to everyone here, I believe the sanguine attitudes in this thread about the immunity of Linux and Puppy to viruses and other malware are inaccurate and unforunate.

Malware today is predominantly criminal in intent. It is often developed in parts of the world that are largely immune to western legal prosecution and it is often well-organized, technically proficient, and highly capitalized.

When Linux malware gathers steam it could be highly effective simply because the Linux community as a whole does not yet take the threat seriously and has not prepared for it. Many Linux users don't know to turn on their firewalls (it's not on by default in Ubuntu and Puppy... why not? it is in Windows), and they are under the impression they don't have to install anti-malware scanners. This makes them easy prey -- so when significant Linux malware appears, we could really get walloped, and our well-deserved reputation for superiority to Windows in this area could become tarnished. We could end up looking pretty naive for having not prepared to repel even the less sophisticated attacks that are initially expected.

I hope the Linux community will start to take this threat more seriously before we find our reputation compromised.

[Lobster]

A windows user was scammed
Bless her, she now has a website
She was featured in this weeks BBC Click program
and is campaigning to make Windows safer and offering tests like so
http://www.cyberfraud.org.uk/risk/isyourcomputersafe.aspx

Taking these test you will find Puppy is 'unsafe' (not quite true)
In fact you might like to read how the Borg will be defeated in another multiverse . . .
http://www.ariel.com.au/jokes/Star_Trek_Lost_Episode_Transcript.html

anyways . . . I wrote to her and suggested she used Puppy.
Which is safer than any known Windows configuration

For those needing military grade software I would recommend
BSD - but then . . . many military outfits are using Windows.
The NSA I believe use a hardened Linux

Maybe this scam and bad site search engine will be of use . . .
http://www.jasonmorrison.net/is-this-a-scam/

Perhaps someone would be kind enough to write a Puppy Virus
so that everyone who needs one can study the code?
(Make it Open Source)
- Or you might not bother . . .

Normal tin hat paranoia is now resumed . . .

[mikeb]

[Aitch]

[mikeb]

Actually I seriously want a windows (and linux?) program to run an icon in the taskbar and have a pop up with reassuring 'you are up to date and safe' messages as the majority are so conditioned that viruses and antivirus crap is the norm they need a placebo I feel

mike