Had my Ubuntu 10.04 compromised today. I use TightVNC to control the machine from across the room at home. Opened a session and there was a Chrome window open, one I didn't leave open, with a Gmail window open. Checked the history and saw a couple of other mail sites in the history from about 2 minutes earlier. I think I interrupted someone trying to find saved email and other site details. Luckily I don't normally save autocomplete details.
Checked my home area and a new file has appeared called snuky.tar.1, and it has been extracted to my /home in an unnamed folder, just spaces for the name. Looked in the folder and saw several files, including some I don't quite understand but which may be attempting to forward my email to another account.
Going to wipe it all now, best to be safe rather than sorry. Thing is, I don't know how they got in, possibly through TightVNC; best check my ADSL router firewall settings. And I should get into the habit of making sure I lock my screen when not using the PC; it's on 24/7 as a media server and I don't normally lock it.
This item was edited on Saturday, 10th July 2010, 21:14
What security do you use on your router, is it wireless?
At work we use vnc for remote support, but a security audit told us we shouldn't since you don't have to put a password on, even though we do.
Hopefully you caught them before they had a chance to do anything bad. Bit dumb of them to VNC that way, as you can VNC to a session other than 0, to use VNC like you'd RDP to a TS.
Wireless is WPA2, random key, MAC filtered, but the PC is hard wired. I suspect that the VNC port was showing to the outside world, so I have removed it for now. Formatted the machine now and reinstalled and updated Ubuntu, just leaving a couple of hundred gig of videos to copy from the backup drive.
I didn't have a VNC password either; I only use it internally so I don't have to move 6 feet from the sofa when I am using my laptop. And no screen lock means that the session would be open, although they wouldn't have superuser access to any folders, just my /home folder. They left the tar file in the root of my home folder, then untarred it. Looks like it had some files they could use to send all my mails on to them, so I'm going to just check and change my email passwords, but I don't use a mail client locally, all webmail at home.
The Chrome history was only a few minutes old and no pages showing other than the front pages for Gmail and Yahoo. I suspect they tried to see if I had turned on autocomplete and saved my logins, which I don't.
Added a firewall and currently only allowing http, https, ftp and dns until I have time to set it up for vnc again.
Doesn't the router have a firewall though, with which you can block the VNC port and have it open on the 2 PCs, unless you VNC from outside your house sometimes?
http://www.grc.com can scan your ports for you.
The router has a firewall that is running, but also UPnP, which is used to auto open ports for applications such as BT. So, I think that the Remote Desktop session was sending a UPnP request to the router and leaving a port open. They probably sent remote session, http, ftp, etc. requests to random IPs and mine just accepted.
I have rebuilt and added a firewall to Ubuntu now, so just internet, BT and Mediatomb running at the moment.
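The post above describes the host-side half of the exposure: a VNC server with no password listening on every interface, plus a UPnP-capable router willing to map that port to the internet. A quick way to audit the first half is to look at which listeners are bound to a wildcard address rather than to localhost. The following is an added example, not code from the thread: it parses `ss -tlnp`-style output (the sample lines and process names are constructed) and flags wildcard-bound listeners, rating remote-access ports such as VNC's 5900 range as high risk. The port ranges and the severity labels are assumptions chosen for this example.

```python
"""Audit listening TCP sockets for services exposed on all interfaces.

Added example for the thread above, not the poster's own code. It reads
the output of `ss -tlnp` (run it with sudo to see process names) and
reports listeners bound to a wildcard address. The SAMPLE text below is
constructed to resemble the compromised media server described in the
thread.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumption: ports that must never face an untrusted network without
# authentication. VNC displays :0-:9 map to 5900-5909.
RISKY_PORTS = {
    "vnc": range(5900, 5910),
    "ssh": range(22, 23),
    "rdp": range(3389, 3390),
}

# Addresses that mean "every interface" in ss output.
WILDCARD_ADDRS = {"0.0.0.0", "*", "[::]", "::"}

# Constructed sample of `ss -tlnp` output.
SAMPLE = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port  Process
LISTEN  0       5       0.0.0.0:5900         0.0.0.0:*          users:(("Xtightvnc",pid=1234,fd=5))
LISTEN  0       128     127.0.0.1:631        0.0.0.0:*          users:(("cupsd",pid=800,fd=7))
LISTEN  0       50      0.0.0.0:49152        0.0.0.0:*          users:(("mediatomb",pid=2100,fd=10))
LISTEN  0       128     [::]:22              [::]:*             users:(("sshd",pid=600,fd=3))
"""


@dataclass(frozen=True)
class Listener:
    addr: str
    port: int
    process: str

    @property
    def exposed(self) -> bool:
        """True when the socket accepts connections from any interface."""
        return self.addr in WILDCARD_ADDRS

    @property
    def service(self) -> Optional[str]:
        """Name of the risky service on this port, if any."""
        for name, ports in RISKY_PORTS.items():
            if self.port in ports:
                return name
        return None


def parse_ss(output: str) -> List[Listener]:
    """Parse LISTEN rows from `ss -tlnp` output into Listener records."""
    listeners = []
    for line in output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header or non-listening row
        # Local address is "addr:port"; IPv6 looks like "[::]:22", so split
        # on the last colon only.
        addr, port = fields[3].rsplit(":", 1)
        match = re.search(r'\("([^"]+)"', line)
        process = match.group(1) if match else "?"
        listeners.append(Listener(addr, int(port), process))
    return listeners


def find_exposed(output: str) -> List[Tuple[int, str, str]]:
    """Return (port, process, severity) for every wildcard-bound listener.

    Known remote-access ports are HIGH; anything else exposed is REVIEW
    (for instance a UPnP media server that may be fine on the LAN only).
    Localhost-only listeners are not reported.
    """
    findings = []
    for lst in parse_ss(output):
        if not lst.exposed:
            continue
        severity = "HIGH" if lst.service else "REVIEW"
        findings.append((lst.port, lst.process, severity))
    return findings


if __name__ == "__main__":
    for port, process, severity in find_exposed(SAMPLE):
        print(f"{severity:7} port {port:<6} {process}")
```

Run it against real output with `sudo ss -tlnp | python3 audit.py`-style piping (replace `SAMPLE` with `sys.stdin.read()`), and anything rated HIGH should either be bound to 127.0.0.1 and reached over an SSH tunnel, or be covered by an explicit host firewall rule. Because UPnP can open a router port without you asking, a router firewall alone does not settle the question; what the host itself exposes is what matters.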
Doesn't Ubuntu have a firewall in it, which is turned on normally with most ports closed? I remember having to use the iptables command to open ports for various progs. Firestarter can be used to control that firewall, can't it, or have I misunderstood it?
Which firewall have you installed now?
OpenSUSE 11.3 is out
option to install it with lxde which is nice, and some of the upcoming new Gnome bits.
Article about Gnome; I'm guessing they'll try not to follow KDE4's example.
It looks shiny like KDE4, if that makes sense.
GNOME 3: The Future of the Desktop
at http://distrowatch.com/ today saw this
Getting Started with Ubuntu 10.04 (Lucid Lynx)
I didn't download it, as it seems to want to know all your personal details, but it may be handy, and possibly can be found elsewhere.
Ubuntu didn't have a firewall configured by default; I installed Firestarter, which is the GUI for ufw, and have set it up for just the ports I have.
I find gufw a better firewall frontend. No fuss.
Firestarter is a bit old now, and I think development has ceased on it. I suppose it does its job though.
Suse looking good.
Upgraded openSUSE earlier today, not had chance to play yet, upgrade was painless as always, took a while though.