If it's not well secured at the outside (firewalled properly) then it *could* be one way something like that could get in, yea. Especially if you're running any open services which may have unpatched vulnerabilities.

i have a firewall software on every device connected to my house's net, a firewall setted up in the modem/router

Someone appears to have gotten themselves a rootkit of some sort. We were just tryin' to help him diagnose the situation.

I see.

Seems the thing tries to make itself at home with a little http/torrent server and a pile of data transfer.

Someone appears to have gotten themselves a rootkit of some sort. We were just tryin' to help him diagnose the situation.

* i got that rootkit, but don't ask me how because I don't know *

A friend of mine got a similar thing one time by running himself a little public Joomla website and not bothering to keep it updated with the latest security fixes.

Speaking of updates, I think I'll update my own server real fast. :)

Speaking of updates, I think I'll update my own server real fast. :)

I usually download updates 4/5 times a day

it looks for lua and related libs (http, crypto, torrent). I'll send the strace log.

http://ix.io/uqX

http://ix.io/uqX

Nice! Thank you. :)

but strace isn't the ideal tool. it losts the track when the process forks...

you'll have more luck with sysdig

but strace isn't the ideal tool. it losts the track when the process forks...

*humor* maybe syslogd is better

AHAHAHAH

It's enough to see some basic idea of what it's up to tho. Seems like it's trying to set itself up as a little server inside his machine. It's definitely NOT syslogd, tho, that's for certain now. :)

ssh and scanner? Maybe it's trying to brute force other machines?

It's enough to see some basic idea of what it's up to tho. Seems like it's trying to set itself up as a little server inside his machine. It's definitely NOT syslogd, tho, that's for certain now. :)

HAHAHA

ssh and scanner? Maybe it's trying to brute force other machines?

oh no, damn

watchdog? Apparently it sets itself up to be "unkillable"?

And I see definite attempts to replicate itself in that trace.

Yea, it taps the signal handlers to dodge bein' killed it looks like.

i hate working without NVidia drivers

Aighty. I've saved that trace in my quarantine folder and repacked my archive. Will carry it to my server on a pendrive tomorrow and dig at it in a virtual machine a bit myself. Mebbe let it loose in a honeypot for a little while. :)

but this is only the bootstraper trace. (I think that) the real thing is in the fake syslogd process.

I've just wipped my disk on the desktop pc, now i have to install it back, with NVidia drivers and all my programs. Damn that virus.

Ya, that's why I'm thinking I'll have to run it in a honeypot VM, so that it can download it's payload and try to do it's thing while I monitor what it's up to.

Cities: Skylines is -68% off at Steam right now...

Cities: Skylines is -68% off at Steam right now...

Sweet! That's one on my wishlist.

Great game indeed

Dang, there's a MESS of stuff on sale on Steam today, innit?

Also there's Shadwen (a stealth game) to grab with -70% off

Nice.

Dang, there's a MESS of stuff on sale on Steam today, innit?

It's often like this on weekends ?

It's often like this on weekends ?

Right on. Hadn't looked at Steam in a while, honestly. Been all sucked into learning Python and coding a Telegram bot. :)

Cities: Skylines is -68% off at Steam right now...

got it, works flawlessly on F25 ;)

How you dare to deny this "absolute truth..."? ?

I don't deny, I only doubt.

Good day everyone! I have a little question. I'm using Plasma 5 on Fedora 25. It's installed on top of Workstation. How do I know if I'm using Wayland or X-Org?

Hi Malicious ! Welcome to the group!

Good day everyone! I have a little question. I'm using Plasma 5 on Fedora 25. It's installed on top of Workstation. How do I know if I'm using Wayland or X-Org?

One place such info would be easily found on KDE plasma would be in kinfocenter

The KDE system info tool

Sandman

Enter the Sandman? LOL

One place such info would be easily found on KDE plasma would be in kinfocenter

Let me see if it's installed....

What kind of laptop is that one? Looks nice.

The KDE system info tool

Ah, it's not instsalled.

What kind of laptop is that one? Looks nice.

Looks like a Macbook Pro of a kind.

15" probably.

Hi Kohane.

Orgs of the contest would let people to use their hardware for the competiton. :D

10 days left and I am already packing.

https://blog.mozilla.org/blog/2017/05/18/one-step-closer-closed-internet/

maybe it went on my system because I have public static IP enabled..

If you have a public IP you either should have a very potent firewall (opnsense) infront of it, not on the same system ideally - or really really tightly lock down your pc and choose very strong passwords (maybe move your ssh port a bit)

or even both. Nothing comes close to being as dangerous as running a home pc with a public ip - even servers struggle to do so.

https://blog.mozilla.org/blog/2017/05/18/one-step-closer-closed-internet/

gofccyourself.com

This link may sound worse than it is XD

If you have a public IP you either should have a very potent firewall (opnsense) infront of it, not on the same system ideally - or really really tightly lock down your pc and choose very strong passwords (maybe move your ssh port a bit)

what about setting a Pi as DMZ Firewall?

You people.... Using Raspberry Pis for network intensive tasks

You people.... Using Raspberry Pis for network intensive tasks

AHAHAHAHA

You people.... Using Raspberry Pis for network intensive tasks

Resource limitations.

what about setting a Pi as DMZ Firewall?

Its slow, it doesnt have the tools opnsense offers and would scream and die under suricata

Yes indeed.

and if you use a firewall and then just dmz your pc you gained exactly nothing

If you have a public IP you either should have a very potent firewall (opnsense) infront of it, not on the same system ideally - or really really tightly lock down your pc and choose very strong passwords (maybe move your ssh port a bit)

Or not open any ports at all.

you may have made it worse tough by adding anothee possible target

Or not open any ports at all.

Or this ( but old kernels can still pose a threat publically)

I don't have a hardware firewall or a machine I can use as such, I have software firewalls up and running at all machines and only use certs with passwords to connect to machines.

I don't have a hardware firewall or a machine I can use as such, I have software firewalls up and running at all machines and only use certs with passwords to connect to machines.

i just use maximum strength keys everywhere

ERROR: S client not available

i just use maximum strength keys everywhere

Same.

Also, 3 attempts lockout is a nice feature.

Also, 3 attempts lockout is a nice feature.

same setting here - i love to tail -f varlogsecure sometimes and laugh at all the idiots not realizing that root doesnt have a password auth they could use XD

hello how to verify fedoraiso and checksum

hello how to verify fedoraiso and checksum

open terminal sha256sum /path/to/iso

open terminal sha256sum /path/to/iso

thx

hello how to verify fedoraiso and checksum

that isnt a necessity?

also, the process is detailed on their website after you download. just click the "how to verify"

that isnt a necessity?

Dont tell anybody to not do things when they do it right.

sorry edit?

is it a necessity?

coz i never did it?

Your download could be broken or even compromised in rare cases, checking the checksum (and ideally the checksums key) prevents both.

is it a necessity?

Fedora has its own checker but if you are exceptionally lucky the iso is corrupted just right so it doesnt boot or checksum passes despite failure. chances are low but the 1 minute sha256sum...

Just do it.

hmm

that isnt a necessity?

yeah very have necessary now time have edward snowdon

yeah very have necessary now time have edward snowdon

if you want to travel that route it leads into a steep descent of neverending things.

patching out your AMT, using core/libreboot, making sure you only use free software, desoldering your cam and mic....

dont worry, i did go down that route ^^

dont worry, i did go down that route ^^

fedora 25 how to update fedora 26??

fedora 25 how to update fedora 26??

Wait for 26 to become stable

then it will display an update button all by itself

Orgs of the contest would let people to use their hardware for the competiton. :D

Contest? What contest?

Hi Kohane.

Hi Gwindor!

Anyway, now I have installed Kinfocenter, how do I know if my KDE is using Wayland or X-Org ? I already took a look at it but I can't find where it says that. I know Wayland is Gnome 3's default, but I want to know about Plasma/KDE.

Wait for 26 to become stable

ok

Anyway, now I have installed Kinfocenter, how do I know if my KDE is using Wayland or X-Org ? I already took a look at it but I can't find where it says that. I know Wayland is Gnome 3's default, but I want to know about Plasma/KDE.

echo $WAYLAND_DISPLAY

if nothing shows up, you're using Xorg

If you run in a VM, you know it's wayland when the screen flickers...

if it's something like wayland-0, you're using Wayland.

xrander also shows wayland display, afaict