LinuxQuestions.org
Old 11-22-2013, 07:41 PM   #16
nice1m8
LQ Newbie
 
Registered: Nov 2013
Posts: 9

Original Poster
Rep: Reputation: Disabled
hi


Hi I have listened, read replies...


I have tried many times to reinstall. I've tried every method I can think of. Dismounting, Knoppix etc etc

Every time we reset the BIOS and took the CMOS battery out - we paid IT experts to come in and none of them have had a solution. They told me it can't be stopped.

I think surely it can be removed from the PCs that are offline though - but no way I have found works yet. We have over 10 infected PCs and phones so it's a lot of money to us.


I think we have to not be online at all but my mum needs it - she keeps going back on. :/
 
Old 11-22-2013, 08:46 PM   #17
k3lt01
Senior Member
 
Registered: Feb 2011
Location: Australia
Distribution: Debian Wheezy, Jessie, Sid/Experimental, playing with LFS.
Posts: 2,900

Rep: Reputation: 636
Quote:
Originally Posted by nice1m8 View Post
Hi I have listened, read replies...
All the evidence we have suggests you haven't.

Quote:
Originally Posted by nice1m8 View Post
I have tried many times to reinstall. I've tried every method I can think of. Dismounting, Knoppix etc etc

Every time we reset the BIOS and took the CMOS battery out - we paid IT experts to come in and none of them have had a solution. They told me it can't be stopped.

I think surely it can be removed from the PCs that are offline though - but no way I have found works yet. We have over 10 infected PCs and phones so it's a lot of money to us.
But you keep reconnecting. Guess what: if this is real and the way you are describing it (which is highly improbable if not impossible), then the one thing you must do is totally disconnect from the internet.


Quote:
Originally Posted by nice1m8 View Post
I think we have to not be online at all but my mum needs it - she keeps going back on. :/
Remove every device that enables connection to the internet, modems, dongles etc. If she must have access to the internet take her to an internet cafe. Once you have done this reinstall everything and let us know so the LQ community can help you in the next steps to secure your systems and network.
 
Old 11-22-2013, 09:05 PM   #18
ukiuki
Senior Member
 
Registered: May 2010
Location: Planet Earth
Distribution: Debian
Posts: 1,030

Rep: Reputation: 380

Resetting the BIOS is not a solution if the attacker managed to write code to it; resetting will only get the BIOS back to its default state with the bad code still on it. In this case what is necessary is to replace the software on it by wiping out what is in there and writing a new BIOS, like cloning from a clean one.

You will have to do all this offline so the attacker has no chance to get in the way.

When reinstalling the system, also wipe the hard drive with dd by writing zeros to the entire hard drive, to make sure nothing is there afterwards.

Any pendrives, CDs, or any other type of media used to record data while under attack might be in jeopardy, and it is better not to use any of those.

Again, you will have to do all this offline so the attacker has no chance to get in the way.

Before buying any new devices (actually you shouldn't), learn more about them, about technology, how they work, what precautions to take, etc and so forth and so on. Get informed!

Here are some websites about security:
Tips
https://www.us-cert.gov/ncas/tips
News
http://thehackernews.com/search/label/Security%20News
LQ reference
http://www.linuxquestions.org/questi...erences-45261/

Last edited by ukiuki; 11-22-2013 at 09:18 PM.
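
The dd zero-fill mentioned in the post above, followed by a check that no non-zero byte is left, as an added example that is not part of the original post. It runs against a constructed image file standing in for a disk; the function names are made up for illustration.

```shell
#!/bin/sh
# Added example: zero-fill a target with dd and confirm no non-zero byte remains.
# IMG is a constructed image file standing in for a disk; no real device is touched.

# Size in bytes of a regular file. For a real block device, use
# `blockdev --getsize64 /dev/sdX` (util-linux) instead.
target_size() {
    wc -c < "$1" | tr -d ' '
}

# Overwrite the full length of the target with zeros, keeping its size.
wipe_zero() {
    wz_size=$(target_size "$1")
    head -c "$wz_size" /dev/zero | dd of="$1" bs=65536 conv=notrunc 2>/dev/null
}

# Return 0 only if every byte of the target is zero.
verify_zero() {
    vz_size=$(target_size "$1")
    head -c "$vz_size" /dev/zero | cmp -s - "$1"
}

# Demo on a constructed 1 MiB image that holds leftover (random) data.
IMG=$(mktemp)
dd if=/dev/urandom of="$IMG" bs=1024 count=1024 2>/dev/null
verify_zero "$IMG" && echo "before wipe: clean" || echo "before wipe: data present"
wipe_zero "$IMG"
verify_zero "$IMG" && echo "after wipe: all zero" || echo "after wipe: data remains"
rm -f "$IMG"
```

The verification pass matters because a dd run that is interrupted or pointed at the wrong size leaves the tail of the disk untouched, and the exit status of `verify_zero` makes that visible.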
 
Old 11-22-2013, 09:10 PM   #19
dugan
LQ Guru
 
Registered: Nov 2003
Location: Canada
Distribution: Slackware
Posts: 7,005

Rep: Reputation: 2529
How are you posting here, exactly?

Cellphone + data plan? Internet cafe? Public library? Wifi at Starbucks? A desktop/laptop at the home or office connected to your regular ISP?

Quote:
Originally Posted by nice1m8 View Post
Look for yourself at what has been done

Your public IP address is 90.204.60.225

^ this is our IP.
That tells us absolutely nothing. I don't know what you expected us to "look for ourselves" at, based solely on that information.

Last edited by dugan; 11-22-2013 at 09:24 PM.
 
Old 11-22-2013, 09:56 PM   #20
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 16,818

Rep: Reputation: 2408
While all of those "bogeyman" things can be done
no one and I do mean NO ONE will be doing them
now country based Orgs like our USA's NSA and CIA can do all of those things
it is FRAKING EXPENSIVE to do

so expensive that unless you ARE Edward Snowden they will NOT go to any of the extremes

DDOS is the most likely thing
or seizing control of the local server you are piped to by your ISP
(a man in the middle )
but to keep that up for more than a single day takes the resources of say the NSA
and they WILL NOT be targeting you


Now no system, not even the CIA or NSA, can withstand an attack BY EXPERTS
they will ALWAYS win


but once you take the advice from the above posters

1)
reformat and do new clean installs of say Fedora 20
yes it is buggy
BUT the bugs are SO NEW that most will not know HOW to exploit them -- YET

2)
unplug your LG "smart TV"
turn it into a normal DUMB tv
3)
unplug and disconnect "wireless " routers
unplug the dsl/cable
use TV only

4)
use the public library and coffee shops to update the fedora 20 installs on laptops

5)
and in a few months of REMOVING THE "BAD GUYS" FUN THEY WILL GET BORED AND QUIT !!!


BASICALLY remove yourself as a target and they will quit
 
Old 11-22-2013, 10:33 PM   #21
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3530
Quote:
Originally Posted by astrogeek View Post
I think he/she needs to refresh their knowledge of PCs.
Sums it up pretty much.

And anything else won't have the intended effect anyway.
Odd how some can't spot such threads from a mile away...
 
Old 11-22-2013, 11:45 PM   #22
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,258

Rep: Reputation: 1947
I've been laughing since the first post. If the OP isn't a troll, he's quite possibly the worst "SEO" employee on the face of the earth.

I mean really, half the things you (talking to the OP now) are claiming is hacker intrusion are standard packages installed with ANY Linux distro. root is a standard account on ALL (and I do mean all) Linux installations. You're talking about AI in your BIOS...really...are you that gullible? I mean Christ, just unplug your modem!!! If you're disconnected from the internet then the intruder can't get in. No ifs, ands, or buts about it. Reactivating deactivated wireless and bluetooth adapters...really? To connect to what? Unless you have an active wireless network attached to the internet there's nothing for those "reactivated wireless adapters" to connect to. Unplug the GD modem, clear the CMOS, reflash the BIOS, reinstall the OS, and be done with it. And don't reconnect the modem until you have everything sorted out. Router re-flashed or replaced, IP changed, all OSs reinstalled, all phones reset to factory conditions, etc.

This post is either a troll or a paranoid schizophrenic who shouldn't be allowed near a computer.

Last edited by suicidaleggroll; 11-22-2013 at 11:52 PM.
 
Old 11-23-2013, 12:10 AM   #23
haertig
Senior Member
 
Registered: Nov 2004
Distribution: Debian, Ubuntu, LinuxMint, Slackware, SysrescueCD
Posts: 2,115

Rep: Reputation: 330
Compared to this thread, the vaunted "Mall Ninja" thread of internet fame was actually believable.

http://lonelymachines.org/mall-ninjas/
 
Old 11-23-2013, 12:13 AM   #24
k3lt01
Senior Member
 
Registered: Feb 2011
Location: Australia
Distribution: Debian Wheezy, Jessie, Sid/Experimental, playing with LFS.
Posts: 2,900

Rep: Reputation: 636
Quote:
Originally Posted by suicidaleggroll View Post
This post is either a troll or a paranoid schizophrenic who shouldn't be allowed near a computer.
I think the labelling thing is over the top. If the person is indeed either of those things 1. the mod team should deal with the 1st and 2. the LQ community should take care not to cause problems for the OP if they are the second. A much better, for the OP, course of action is to show them how what they are talking about is highly improbable and to show them how to work through it in a calm, logical, and progressive manner.

Last edited by k3lt01; 11-23-2013 at 12:18 AM. Reason: Add the last sentence.
 
Old 11-23-2013, 12:18 AM   #25
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 16,818

Rep: Reputation: 2408
no name calling please

now the OP is a bit over the top here

even if one was to royally tick off the "kiddies" on 4chan
that would only be a few days worth of mess

the "Low Orbit Ion Cannon" DDoS only lasted a few weeks
 
Old 11-23-2013, 10:41 AM   #26
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 6,004

Rep: Reputation: 1620
Quote:
Originally Posted by k3lt01 View Post
I think the labelling thing is over the top. If the person is indeed either of those things 1. the mod team should deal with the 1st and 2. the LQ community should take care not to cause problems for the OP if they are the second. A much better, for the OP, course of action is to show them how what they are talking about is highly improbable and to show them how to work through it in a calm, logical, and progressive manner.
Personally I think the answer here is for the OP to go to their GP and ask to have a psychiatric evaluation.
If this is a genuine post, it isn't a computer problem that a forum like this can solve; it is a mental health problem which needs treating by a professional.
 
Old 11-23-2013, 02:58 PM   #27
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,568

Rep: Reputation: 164
Dear nice1m8,
The comments in this thread went a little too far. I'm closing it. If you have any further questions, feel free to open a new thread. But if the situation is really as bad as you see it, your only solution is to disconnect your home machines from the Internet completely. Then use an internet cafe or a local library if you have to. And really, you should contact the police department again.
 
4 members found this post helpful.
  

