Precise 5.4.3 LiveCD contains botnet client? (Solved)

James C
Posts: 6618
Joined: Thu 26 Mar 2009, 05:12
Location: Kentucky

#16 Post by James C »

01micko had the answer on the next page of the thread in this post
http://www.murga-linux.com/puppy/viewto ... 729#514729
see /usr/sbin/ipinfo

This has been discussed many times. If you don't like it remove it.

James C
Posts: 6618
Joined: Thu 26 Mar 2009, 05:12
Location: Kentucky

#17 Post by James C »

Yes......same deal as the other thread.
We found 2 hostnames for IP Address 198.101.241.44
1. icanhazip.com
2. 198.101.241.44
from

http://198.101.241.44.ipaddress.com/

James C
Posts: 6618
Joined: Thu 26 Mar 2009, 05:12
Location: Kentucky

#18 Post by James C »

nooby wrote:
Sorry me so lazy. I did take a look and my old Lupu 528-005
does connect to 198.101.241.44 I have had the OS running now
since about 6AM and still now 10.13 it still list it in the IPstat
that comes up if one click on the icon in tray. It says
FIN_WAIT1 whatever that refers to.

I should look in /usr/sbin/ipinfo now
it says?
PROGRAM: ipdisp
# AUTHOR: Vovchik
# PURPOSE: GUI to show IP config info
# DATE: 14 May 2009
...
# external ip
var0="`wget -O - -q icanhazip.com`"
I remember from other threads that
icanhazip.com is what General Hayden server may be named.

So it would be possible to change that name but most likely it
only last for that session and get back when one reboot?

So either a very innocent way to check that it works
or a CIA way to have total control through Linux?
Should have read the next page of the thread....
http://www.murga-linux.com/puppy/viewto ... 530#644530

rackerhacker wrote:
I'm Major Hayden and I operate icanhazip.com. The purpose of the site is to allow people to find their external IPv4/IPv6 address with zero advertisements, cookies, or tracking of any kind. I work for a pretty large hosting company and I'm able to provide the service to people free of charge.

It sounds like Puppy Linux has been updated to query my site to figure out the external IP address of machines running Puppy Linux. I didn't make that change and I didn't have any input on the change.

With that said, I have absolutely no issues with Puppy Linux using my site and I welcome any other questions or comments you have about icanhazip.com.

As an aside, you should know that:

- neither of my parents have Hayden as their last name
- I have zero affiliations with any government agencies (I work for a large hosting provider)
- I welcome any comments or questions that you have

You can find me on freenode as 'rackerhacker' if you want to get in touch.
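
The check that settled this thread, tracing an unexplained connection back to the local script that makes it, as an added example that is not part of any post and is not Puppy's own code. It scans a directory of scripts for wget/curl calls and prints file, line and host; the sample file is constructed from the ipinfo lines quoted above, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: locate scripts that make outbound wget/curl calls.
# make_sample and find_net_calls are hypothetical names.

# Constructed sample: stand-in for /usr/sbin/ipinfo built from the lines
# quoted in the thread, plus one script with no network access.
make_sample() {
    d=$(mktemp -d)
    cat > "$d/ipinfo" <<'EOF'
#!/bin/sh
# PURPOSE: GUI to show IP config info
# external ip
var0="`wget -O - -q icanhazip.com`"
EOF
    printf '#!/bin/sh\necho "no network here"\n' > "$d/quiet"
    echo "$d"
}

# Print "file:line:host" for every host-like argument on a wget/curl line.
# Heuristic: an output filename such as page.html is also reported, so treat
# each hit as something to review, not as proof of a connection.
find_net_calls() {
    # -r recurse, -I skip binaries, -n line numbers, -E extended regex
    grep -rInE '(^|[^[:alnum:]_-])(wget|curl)[[:space:]]' "$1" 2>/dev/null |
    awk -F: '{
        file = $1; line = $2
        text = $0; sub(/^[^:]*:[^:]*:/, "", text)   # drop "file:line:"
        if (text ~ /^[ \t]*#/) next                 # ignore comment lines
        sub(/.*(wget|curl)[ \t]/, "", text)         # keep the arguments
        n = split(text, tok, "[^A-Za-z0-9.:/_-]+")
        for (i = 1; i <= n; i++) {
            t = tok[i]
            sub("^[a-z]+://", "", t)                # strip scheme
            sub("[/:].*$", "", t)                   # strip path and port
            if (t ~ /^[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)*\.[A-Za-z][A-Za-z]+$/ ||
                t ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/)
                print file ":" line ":" t
        }
    }'
}

# Demo on the constructed sample; on a real system pass a directory
# such as /usr/sbin instead.
sample=$(make_sample)
find_net_calls "$sample"
rm -rf "$sample"
```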

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#19 Post by nooby »

Sorry now that you remind me then I remember that exact post.
so typical of Nooby I can not rely on my memory but I did suggest
that it was a known thing in my first post?

I am in Zeven OS now and xUbuntu so would be cool to know if
them also use same IP how does one look?
I use Google Search on Puppy Forum
not an ideal solution though

roadkill13
Posts: 154
Joined: Wed 10 Aug 2011, 21:41
Location: United States
Contact:

#20 Post by roadkill13 »

rerwin wrote:
IIRC, the first version of Precise was 5.4, not 5.3.3.
I have a puppy that identifies itself as Puppy Precise 5.3. See below.
=== Distro ===

Precise Puppy 5.3.0

=== Window Manager/Desktop Environment ===

Current window manager: OPENBOX (starts from C.L. with: 'xwin openbox-session')

JWM vsvn-574
ROX-Filer 2.11

=== Network Interface ===

wlan0 connected

=== report-video ===

Precise Puppy, version 5.3.0 on Mon 4 Nov 2013

Chip description:
2.0 VGA compatible controller
Intel Corporation Mobile 945GM/GMS, 943/940GML Express Integrated Graphics Controller (rev 03)
oem: Intel(r) 82945GM Chipset Family Graphics Chip Accelerated VGA BIOS
product: Intel(r) 82945GM Chipset Family Graphics Controller Hardware Version 0.0

X Server: Xorg
Driver used: intel

X.Org version: 1.11.3
dimensions: 1280x800 pixels (338x211 millimeters)
depth of root window: 16 planes
Release Date: 2011-12-16
Build Date: 04 April 2012 11:58:38PM

=== /etc/rc.d/PUPSTATE ===

PUPMODE=12
PDEV1='sda1'
DEV1FS='ext4'
PUPSFS='sda1,ext4,/precise5.3.0frugal/puppy_precise_5.3.0.sfs'
PUPSAVE='sda1,ext4,/precise5.3.0frugal/precisesave.4fs'
PMEDIA='atahd'
#ATADRIVES is all internal ide/pata/sata drives, excluding optical, excluding usb...
ATADRIVES='sda '
#ATAOPTICALDRIVES is list of non-usb optical drives...
ATAOPTICALDRIVES='sr0 '
#these directories are unionfs/aufs layers in /initrd...
SAVE_LAYER='/pup_rw'
PUP_LAYER='/pup_ro2'
#The partition that has the precisesave file is mounted here...
PUP_HOME='/mnt/dev_save'
#(in /initrd) ...note, /mnt/home is a link to it.
#this file has extra kernel drivers and firmware...
ZDRV=''
#complete set of modules in the initrd (moved to main f.s.)...
ZDRVINIT='no'
#Partition no. override on boot drive to which session is (or will be) saved...
PSAVEMARK=''
PSUBDIR='/precise5.3.0frugal'
If 5.4 was the first official Precise which Puppy do I really have? I have not downloaded UPUP to the best of my knowledge.

Hogweed
Posts: 96
Joined: Sat 12 Feb 2011, 19:37

#21 Post by Hogweed »

There were some official (Barryk) 5.3 Precise series beta releases.

There was also this http://murga-linux.com/puppy/viewtopic.php?t=80431

Post about confusion of the variants here http://bkhome.org/blog/?viewDetailed=02958

roadkill13
Posts: 154
Joined: Wed 10 Aug 2011, 21:41
Location: United States
Contact:

#22 Post by roadkill13 »

Thanks Hogweed. I was aware of the "ov" variant and actually tested it. It was easily identified by the presence of "ov" in the sfs file of the iso. The one I have is clearly Precise 5.3.0 and does not have some of the packages included in "ov".

Probably a beta then. I wonder if the 5.4 devx will suffice for compiling software as this version is working extremely well on my Acer Aspire laptop.

Atle
Posts: 596
Joined: Wed 19 Nov 2008, 12:38
Location: Oslo, Norway
Contact:

#23 Post by Atle »

So the last sentence on the first page of the forum thread ends like this last year:

Nooby:
So either a very innocent way to check that it works
or a CIA way to have total control through Linux?
And then ends with the post as seen above... last year...

What I feel I can not understand what is solved?
