LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   download switcheroo? (http://www.linuxquestions.org/questions/linux-security-4/download-switcheroo-338672/)

Hosiah 06-30-2005 07:00 AM

download switcheroo?
 
I just had the weirdest thing happen...

My setup: Dual boot Red Hat Linux 9.0 and Windows98, on two seperate drives. I have a DSL internet connection.

What I was doing: Trying to download the "Freeduc" live CD from DistroWatch.com. I'm running as regular user in Linux, open an xterm to go superuser for this operation, and start Mozilla from the console (I have to use superuser for the write permissions to the Windows disk.). I use the Minnesota mirror (geographically closest) and choose to save the download onto a folder on my Windows drive (what else would I use the Windows side for but to store Linux iso's ?)

Well, the drill is, a 700MB iso download on my connection setup is about 7 hours, so I leave it run overnight. I get up this morning to find the download failed, and a message-box on the screen "Not enough hard-drive space to download:" + the name of some ".exe" file! Of course, I recognize that ".exe" means an executable file under Windows. I of course stopped everything. My disk quotas appear exactly as they did before. The name of the executable was a long random-appearing string of letters and digits, bearing no relation to what I was trying to get.

What happened? How was this done? What answers are possible?

qwijibow 07-01-2005 04:39 PM

noooooo !

Never ever ever run an application like a browser as root.
add the option "user" and "umask=0" to /etc/fstab to allow regular users to mount / write to your windows disk.

clear up some space, and try to download the file again, using a more reliable download rpogram like wget.

Hosiah 07-02-2005 09:50 AM

Thank you, qwijibow, I will do as you suggest.

But I'm still curious how this was done. Did somebody packet-sniff a router somewhere and detect a download, then slip their file into the stream? Or was the download mirror-site itself compromised? Or was this one of those cases of malware that tries to auto-send itself to random IP addresses, and it was just "my turn"?

qwijibow 07-04-2005 06:02 AM

I dont think anything happened other than your windows disk ran out of space, and the download manager saved only part of the downloaded file with a temporary name.

how much space is left on the disk you tried to download to ?

Hosiah 07-04-2005 11:46 AM

Quote:

how much space is left on the disk you tried to download to ?
1.9 Gig! And the .iso was the standard 700 MB CD image.


All times are GMT -5. The time now is 10:28 PM.