GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have an intrusion problem, it's to do with when I open firefox, it always connects to a site... namely msxsecurity.com on port 1028 and 1027. I do not know how to close it or get rid of what is doing it, can some one please give some support on this topic thanks.
Here is an image link to what I am seeing as I start up firefox.
msxsecurity.com seems to be some sort of site for gaming cheats. Are you a gamer? Did you purchase a hack from this site? If not, looks like you may be part of someone's botnet...
A quick scan reveals:
Code:
PORT STATE SERVICE
1027/tcp filtered IIS
1028/tcp filtered unknown
1027 is not a registered port, but they seem to be running some sort of web server there. I could not connect when I attempted (it timed out).
Can you not set up your firewall to block these connections?
I have another picture of what has happened but this time it's a picture of a BitDefender Firewall complaining about www.msxsecurity.com accessing the Internet. But the terrible thing is that when I don't allow it access, I can not use firefox, because it blocks the firefox.exe program and not just the ports that site is using.
I tried to tracert LocalHost today... in other words I tried the command:
tracert 127.0.0.1 and for some reason the only traced path it gave me was www.msxsecurity.com. Can someone please tell me what is going on and how I can fix it please. Thanks All.
the first one may show you some unwarranted startups in your machine(can choose to temp. disable or delete them) while the second one probably will help you in tracing the location of troublesome app/services but beware of the first one though ...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.