Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 24 Apr 2014, 08:13
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Why is this strange IP address in Network connections?
Post new topic   Reply to topic View previous topic :: View next topic
Page 13 of 15 [211 Posts]   Goto page: Previous 1, 2, 3, ..., 11, 12, 13, 14, 15 Next
Author Message
James C


Joined: 26 Mar 2009
Posts: 5453
Location: Kentucky

PostPosted: Sat 18 Jan 2014, 15:33    Post subject:  

Nope....Ubuntu knows about it too.....

http://askubuntu.com/questions/145012/how-can-i-find-my-public-ip-using-the-terminal

Quote:
icanhazip.com is my favorite.

curl icanhazip.com
Back to top
View user's profile Send private message 
01micko


Joined: 11 Oct 2008
Posts: 7547
Location: qld

PostPosted: Sat 18 Jan 2014, 16:15    Post subject:  

A default full install of Slackware calls out to akamai - read more.
This is only when KDE is set to the default DE.

This does not affect any slacko puppy as KDE and it's libs are not used in the default install.

_________________
Woof Mailing List | keep the faith Cool |
Back to top
View user's profile Send private message Visit poster's website 
gcmartin

Joined: 14 Oct 2005
Posts: 3645
Location: Earth

PostPosted: Sat 18 Jan 2014, 16:57    Post subject:  

Again I'll directly ask those in objection. HOW is this exposing Puppy users to exploit? Is there any evidence that the many thousands of users of PUPs that this exposes exploitation to any of them?

I am truly curious whether there is real exposure??? If there is no known real exploitation, is there a creditable hypothesis that the presence method used in PUPs which can be turned into exposure???

I am really curious.

BTW, has anyone other than I noticed that the OP has abandoned this thread?

_________________
Get ACTIVE Create Circles; Do those good things which benefit people's needs!
We are all related ... Its time to show that we know this!
3 Different Puppy Search Engine or use DogPile
Back to top
View user's profile Send private message 
greengeek

Joined: 20 Jul 2010
Posts: 2109
Location: New Zealand

PostPosted: Sun 19 Jan 2014, 01:44    Post subject:  

gcmartin wrote:
Again I'll directly ask those in objection. HOW is this exposing Puppy users to exploit? Is there any evidence that the many thousands of users of PUPs that this exposes exploitation to any of them?

Ironically I think 01micko, mavrothal and others in favour of allowing the external IP check provided the best answer to this question by saying that making the connection (or 'request' - whatever you want to call it) to icanhazip was no more risky than using a browser.

So, please consider the situation of someone who does NOT WANT to use a browser (either for the current session only, or forever - doesn't matter...) - if they boot a recent puppy, believing they are only accessing only their local LAN, in fact they are incorrect. The puppy is guaranteed to try to go external and become active on the WAN.

I understand that different people evaluate this action as offering varied risk for exploit - some say zero risk, others say some potential risk.

So - in answer to your question about HOW it is exposing the user to exploit - it still seems to me that a puppy that stays on the LAN only is at less risk than a puppy that becomes active on the WAN. (I realise others may feel that they have already provided justification as to why my fear is ungrounded, and they can feel free to condemn my ignorance..)

I guess my question in return is this: If I boot my puppy with no intention of opening my browser am I at less risk, more risk, or equal risk to someone who boots puppy and DOES open a browser?

EDIT : What if I have 4 puppies on my LAN - 3 for the wife and kids to use for word processing and offline stuff, and my one that is used for internet access. Previously I thought the 'offline' PCs were 'offline' and only the 'internet' puppy went beyond the router. Today, I know differently and feel that those 'offline' PCs are at risk of exploit that I didn't previously expect.

But then - if it is the router that is requesting an external IP on behalf of EVERY PC on the LAN - maybe I was already exposed before ipinfo came on the scene...
Back to top
View user's profile Send private message 
mavrothal


Joined: 24 Aug 2009
Posts: 1388

PostPosted: Sun 19 Jan 2014, 03:51    Post subject:  

greengeek wrote:

But then - if it is the router that is requesting an external IP on behalf of EVERY PC on the LAN - maybe I was already exposed before ipinfo came on the scene...

As Mick said, if you do not want toleave footprints, do not walk.
Is funny that we discussing this when only 3 days ago a security firmed published that everything from routers to refrigerators! has been compromised in a thing-bot scheme.
What someone has to consider though is that this is not because they ask for an IP or DNS or something but because of either brute force or some low level exploit.
Now if your router is compromised you do not really need to connect to anything to get exploited...

So the only way to be safe is to disconnect the ethernet cable, remove the wifi card and do not use any of the USB sticks what have radio frequencies for spying.

BTW it would be nice to see some report that just issuing a wget request (the one ipinfo etc use) can be used for exploits from any site - assuming you do not request a trojan, virus etc of course.

_________________
Kids all over the world go around with an XO laptop. They deserve one puppy (or many) too Very Happy
Back to top
View user's profile Send private message 
gcmartin

Joined: 14 Oct 2005
Posts: 3645
Location: Earth

PostPosted: Mon 20 Jan 2014, 14:27    Post subject:  

Greengeek wrote:
... So, please consider the situation of someone who does NOT WANT to use a browser (either for the current session only, or forever - doesn't matter...) - if they boot a recent puppy, believing they are only accessing only their local LAN, in fact they are incorrect. The puppy is guaranteed to try to go external and become active on the WAN. ...
Hi @Greengeek, you are correct!

But, remember, the original idea (basis) for Barry's implementation was NOT as a LAN system, rather, as a PC capable of using the modem or the LAN for Internet use with some local apps. This was done to both make it attractive to users and to provide pathway for the local PC's expansion via its PPM and other Linux offerings available. Thus, its intended purpose was a single, simple, standalone PC with internet capability for our use.

From MY point of view, his builds were never intended for a LAN based audience, otherwise, we, you and I would have seen many more LAN server functionality included in Barry's approaches back then and even today,

For example, Sharing from a local PC with other LAN users is incorporated in almost every Windows and Mac PCs. Further those PCs could interchange information with each other on the LAN as well. But, it wasn't until recent years that several of the PUP distros have included a functioning SAMBA to so such. (As you may know, over 99% of all PCs in the world have SMB sharing operational in the base system with never any need to install anything....Never. It intends to make easy sharing for people who would not understand. )

Further, as I have tried to share in earlier posts, your PC does a simple LAN test that most everyone is NOT aware that these tests go on. The fact that it is done, does NOT make your PC vulnerable to any attack. Nor is it subversive in the benefit it provides to the user PC. It provides benefit to user PCs while not compromising one to exploit.

These things have been done to make it easy for most system users to use their local PCs without have to go thru the trouble to go thru any exhaustive ritual each time we want to test a PUPPY ISO.

Lastly, advance users can turn things off and there is more than enough information in the forum to guide those who wish to.

I don't make any rules and I don't write any code. But, I can see, and understand the many things that distro developers do in their efforts to make a simple and easy package for users to step into.

I may not agree with what they've done, but, I also see benefit in much/most of what they try to do for us. This is just one example of it.

Hope there is some benefit to this info I share.

_________________
Get ACTIVE Create Circles; Do those good things which benefit people's needs!
We are all related ... Its time to show that we know this!
3 Different Puppy Search Engine or use DogPile
Back to top
View user's profile Send private message 
OscarTalks

Joined: 05 Feb 2012
Posts: 753
Location: London, England

PostPosted: Tue 21 Jan 2014, 12:27    Post subject:  

Someone somewhere mentioned the missing icon on the exit button in the Firewall ON/OFF dialog. It is missing in the older versions of Firewall State too in fact. Anyway, I figured out how to fix it. I just put gtk-no in place of gtk-info for the icon. I'm sure there must be other alternatives but I think it looks OK like this.
fixed-exit-icon.jpg
 Description   Looks better with an icon on the Exit button
 Filesize   27.5 KB
 Viewed   311 Time(s)

fixed-exit-icon.jpg


_________________
Oscar in England

Back to top
View user's profile Send private message 
Atle

Joined: 19 Nov 2008
Posts: 282
Location: Oslo, Norway

PostPosted: Wed 22 Jan 2014, 05:25    Post subject:  

I guess somehow that it takes a few threads to sort out a bug, be it real or not..
Back to top
View user's profile Send private message Visit poster's website MSN Messenger 
mavrothal


Joined: 24 Aug 2009
Posts: 1388

PostPosted: Wed 22 Jan 2014, 05:51    Post subject:  

Atle a week ago you said
Quote:
There is a someone...

And that someone just needs to get the facts and the code to audit it from a technical and ethical perspective.

What's the story Confused

_________________
Kids all over the world go around with an XO laptop. They deserve one puppy (or many) too Very Happy
Back to top
View user's profile Send private message 
Atle

Joined: 19 Nov 2008
Posts: 282
Location: Oslo, Norway

PostPosted: Thu 23 Jan 2014, 06:19    Post subject:  

I did request information to pass over if any, but there is non so far...
Back to top
View user's profile Send private message Visit poster's website MSN Messenger 
mavrothal


Joined: 24 Aug 2009
Posts: 1388

PostPosted: Thu 23 Jan 2014, 07:17    Post subject:  

Atle wrote:
I did request information to pass over if any, but there is non so far...

What more information other than the one in the previous 12 pages you may want?
Did you consider that may be nothing else to add?

By the way, does the request for "additional info" and the apparent reluctance to proceed for a week now with the already available info, suggests that you find nothing condemning/questionable in the last 12 pages anymore?
If yes, say so!
If no, pass these (according to your opinion) condemning/questionable points (with the rest of the tread) to the trusted expert you suggested.
Otherwise it may look as you would rather has this lingering for ever.

_________________
Kids all over the world go around with an XO laptop. They deserve one puppy (or many) too Very Happy
Back to top
View user's profile Send private message 
Atle

Joined: 19 Nov 2008
Posts: 282
Location: Oslo, Norway

PostPosted: Thu 23 Jan 2014, 08:41    Post subject:  

I think its perfectly fair to bring up this issue.

3 years and finally there seems to no questions left to ask?

Or is it?
Back to top
View user's profile Send private message Visit poster's website MSN Messenger 
mavrothal


Joined: 24 Aug 2009
Posts: 1388

PostPosted: Thu 23 Jan 2014, 08:58    Post subject:  

Atle wrote:
I think its perfectly fair to bring up this issue.

3 years and finally there seems to no questions left to ask?

Or is it?


No problem in bring it up.
Questions has been asked and answered more than once, albeit some do not get the answer that they want.
Thus the "outsider".
But it would appear you just prefer this issue to linger and look "unanswered" so next time, a year from now, someone can claim a "4-year old issue...".

So let's have a straight answer:
are you consulting with your expert with the currently available info or not?

_________________
Kids all over the world go around with an XO laptop. They deserve one puppy (or many) too Very Happy
Back to top
View user's profile Send private message 
Atle

Joined: 19 Nov 2008
Posts: 282
Location: Oslo, Norway

PostPosted: Thu 23 Jan 2014, 13:25    Post subject:  

I have not received anything to audit
Back to top
View user's profile Send private message Visit poster's website MSN Messenger 
mavrothal


Joined: 24 Aug 2009
Posts: 1388

PostPosted: Thu 23 Jan 2014, 13:33    Post subject:  

Atle wrote:
I have not received anything to audit

That would be a no then.
Thank you for confirming that after 2 months of discussions there are no open questions and you have nothing to audit.

_________________
Kids all over the world go around with an XO laptop. They deserve one puppy (or many) too Very Happy
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 13 of 15 [211 Posts]   Goto page: Previous 1, 2, 3, ..., 11, 12, 13, 14, 15 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0896s ][ Queries: 12 (0.0116s) ][ GZIP on ]