Viruses in PUPPY Linux, YES, "Viruses in Linux"

For discussions about security.
Message
Author
Sylvander
Posts: 4416
Joined: Mon 15 Dec 2008, 11:06
Location: West Lothian, Scotland, UK

#31 Post by Sylvander »

I'd be inclined to:
Ctrl+Alt+backspace
To drop ot a command prompt...
Then:
xwin
To come back into the desktop...
Then:
Restart Firefox...
And choose which of the windows/tabs to restart...
By un-ticking the window/tab with the problem.

Any reason this wouldn't work?

Bruce B

#32 Post by Bruce B »

Vulnerabilities don't exist anywhere and everywhere.

A vulnerability can only exist if it actually exists. Even at that, it has to be successfully exploited to be of consequence.

We still don't have to my knowledge a verified report on any Puppy users having been exploited.

~

Bruce B

#33 Post by Bruce B »

Sylvander wrote:I'd be inclined to:
Ctrl+Alt+backspace
To drop ot a command prompt...
Then:
xwin
To come back into the desktop...
Then:
Restart Firefox...
And choose which of the windows/tabs to restart...
By un-ticking the window/tab with the problem.

Any reason this wouldn't work?
It would kill the Browser and all X apps.

My question is how does it kill them? If it doesn't kill them nicely file corruption can occur with applications like Firefox

~

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#34 Post by nooby »

Sylvander wrote:I'd be inclined to:
Ctrl+Alt+backspace
To drop ot a command prompt...
Then:
xwin
To come back into the desktop...
Then:
Restart Firefox...
And choose which of the windows/tabs to restart...
By un-ticking the window/tab with the problem.

Any reason this wouldn't work?
I have not tested more than one or two or three times but my poor memory tell me that FF remember all the tabs like you also indicate and how do I remember which of them that I was supposed to kill.

Okay one can do a workaround. To never have more than one tab open then one always know what to kill.

Fortunately it happen rather seldom that one have to kill a FF session.

But sometimes it lock up forever waiting for an ad that never loads and the FF is hanging and don't allow any other operation either it even refuse to get shut down using Ctrl+W

I had not heard of the Ctrl+F4 is that a FF thing or a OS or JWM thing?

I found this using google

For those of us Firefox users who love the tabs, Ctrl-F4 is an indispensable tool for ... It turns out, the solution is obvious to any average linux user, ...
forum.eeeuser.com/viewtopic.php?id=7256

Hope I remember this one next time something happens.

Does one still get the virus downloaded?
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
Sky Aisling
Posts: 1368
Joined: Sat 27 Jun 2009, 23:02
Location: Port Townsend, WA. USA

#35 Post by Sky Aisling »

Thank you GCMartin for posting this thread. Thank you Nooby for keeping the 'newbie' voice alive in the discussion. Thanks to all for the thoughtful contributions.

Bruce B

#36 Post by Bruce B »

Firefox has open about 240 files. Of these files about 20 are open for updating and writing back.

I take the extra time to close it gently so it has a chance to finish writing the files which are intended to be written back. If it is in the middle of a write operation and it is forcibly killed, it will not finish writing. A partially written file is a corrupted file. What else could it be?

~

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#37 Post by nooby »

Bruce if one consider what you just wrote, what am I supposed to do?
What is it you do? I read your words again and again but have no idea.
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
James C
Posts: 6618
Joined: Thu 26 Mar 2009, 05:12
Location: Kentucky

#38 Post by James C »

I ran into this a while ago and posted on a different thread.
http://www.murga-linux.com/puppy/viewto ... 014#512014

Nothing bad happened, just entertaining to watch. :)

Sylvander
Posts: 4416
Joined: Mon 15 Dec 2008, 11:06
Location: West Lothian, Scotland, UK

#39 Post by Sylvander »

1. Perhaps I should have said...
That my pupsave on the internal HDD...
(a) Is treated as though it's a pupsave on a Flash Drive. [I use this method]
Then...
(b) I use this method so no changes made during the session are auto-saved back to the pupsave during the session.
[I can choose if/when to do it manually, by clicking the "Save" icon on the desktop]
Then...
(c) I use this method to be given the choice at shut-down/reboot "to save or not to save".

2. Hence I can drop to a command prompt with no nasty consequences.

Bruce B

#40 Post by Bruce B »

nooby wrote:Bruce if one consider what you just wrote, what am I supposed to do?
What is it you do? I read your words again and again but have no idea.
Have you ever read posts where Firefox crashes all the time? I don't have that problem.

I respect the software and what it is doing. I shut down gently, even if it takes extra work.

Do you want a how to?

~

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#41 Post by nooby »

If I want a how to close down gently?
Yes that what I asked but maybe failed to express clearly! :)
I use Google Search on Puppy Forum
not an ideal solution though

Bruce B

#42 Post by Bruce B »

Nooby,

Here is your how-to practice it on a normal running firefox. Use it in the even firefox hangs loading a page, acts up, or looks like a website is up to mischief.

1) Left-Alt+Left-Ctrl+F2 (drops you to a text mode tty)

2) Enter login name and password

3) Open htop

4) Select the firefox threads, use arrow keys and kill them with signal 15

5) Left-Alt+F3 (or F4 or F5) depends on number of ttys to return to X session

I use this when X locks up because some mal designed web page has brought the browser and all of X to a virtual standstill

~

gcmartin

Scenario to consider

#43 Post by gcmartin »

A scenario: this is an hypothetical case for comment
Lets suppose someone has a forum. And, a moderator of that forum chooses to use their power to 'target' a forum member. Invading the member and placing a poison pill that begins to go the work on the member's network PCs. Should this be called a virus if it begin its bad behavior from a Linux machine?

Questions which arise
We all know this is misuse of power, but;
  • should a "poison pill" like this be called a virus?
  • when this is detected, where or how should it be reported?
  • What would you do if you discovered this?
  • And, if you found that it was corrupting your filesystems, then what?

postfs1

#44 Post by postfs1 »

To reedit up to date.
Last edited by postfs1 on Mon 28 Mar 2016, 00:39, edited 1 time in total.

User avatar
Sky Aisling
Posts: 1368
Joined: Sat 27 Jun 2009, 23:02
Location: Port Townsend, WA. USA

#45 Post by Sky Aisling »

Here is Wiki's definition of 'Virus' (not that Wiki is the last word in definitions)

http://en.wikipedia.org/wiki/Computer_virus
Computer virus ...
Not to be confused with Malware.

A computer virus is a computer program that can copy itself[1] and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.[2]

Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.[3][4] ...
Perhaps this can give a point of reference in the discussion.

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#46 Post by nooby »

Thanks Bruce. What user name and password has Puppy?
When are one supposed to set up such for root?

We need a better word than Virus to refer to unwanted intrusion.

Unwanted Deceptive Code entering the computer regardless of how it did enter.

Could be the user who click a deceptive link.
I use Google Search on Puppy Forum
not an ideal solution though

gcmartin

#47 Post by gcmartin »

Yes @Sky Aisling and Yes @Nooby. I think you're seeing what I getting at. Others are too.

Its not just that exploitation occurs; they do and will continue. But, in Linux, who delivered the notion that exploitations (viruses) "do not occur?" Further why did this notion occur. This is NOT a conspiracy, Its a paradigm.

We are saying (asking) the same?

When I report an anomaly that is observed within a subsystem/OS, it gets patched or fixed via an upgrade. Often times, we are told that it is a security mod.

But, often times the user community is exploited before the discovery is made. When in Linux, what are we to call it?

This is not a "yell in the wild". The awareness level is already being seen right here in Puppyland.

User avatar
8-bit
Posts: 3406
Joined: Wed 04 Apr 2007, 03:37
Location: Oregon

#48 Post by 8-bit »

I picture Flash running from his live DVD puppy with no hard drive.
So in his case, I guess it would be that the computers memory got a virus.
It would take a bit of extra work for a virus to be set up so as to save itself to a live DVD session!

I also got one of those popup warnings that my computer was infected and a quick scan was being done.
So I see a Windows XP desktop with a virus scanner running.
I was running Puppy and thought it was fun to watch.

But.....

My wifes PC running Windows XP had the same thing show up.

I walked over and powered down her computer, but the damage was done.
After rebooting, any application I tried to open brought up a popup window saying the application was infected and to buy their product to remove the virus.
I determined a startup program had been installed and booted Puppy from cd and removed that nasty program.

So in my case, I lucked out.

Sylvander
Posts: 4416
Joined: Mon 15 Dec 2008, 11:06
Location: West Lothian, Scotland, UK

#49 Post by Sylvander »

Just now discovered that a 1GB Flash Drive I use to hold valuable/useful PET files and such...
Has LOST all of its former contents...
Which have been replaced by .REC and .REN filpairs...
Numbered from 0000, increasing by one digit steps all the way to 0127, when .REN ceases, and .REC continues all the way to 1342. :(

This drive was probably connected at the time of "the event" mentioned previously.
Attachments
00.jpg
(23.21 KiB) Downloaded 781 times

Bruce B

#50 Post by Bruce B »

Sylvander,

Would it be too much trouble explaining step by step what happened?

Bruce

~

Post Reply