LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-28-2011, 07:51 AM   #1
sharky
Member
 
Registered: Oct 2002
Posts: 562

Rep: Reputation: 84
Another user is controlling your desktop


Got on my system just before 6am this morning. It's a linux mint 10 install. I dialog poped up in the top right corner stating that another user was controlling my desktop. There was URL indicated also. The dialog only stayed up a moment so I don't remember what it was.

I had no idea who it was or how they gained access. I use WEP with a 26 character key. I've now turned on MAD ID filtering also. When I rebooted my system it wouldn't come up. GRUB return 'hd0,msdos1'.

I plugged in another computer and I'm downloading the ISO to put on a thumb drive and will but from that.
 
Old 01-28-2011, 08:06 AM   #2
cantab
Member
 
Registered: Oct 2009
Location: England
Distribution: Kubuntu, Ubuntu, Debian, Proxmox.
Posts: 553

Rep: Reputation: 115Reputation: 115
WEP is easy to break. Use WPA if possible.
 
Old 01-28-2011, 09:40 AM   #3
sharky
Member
 
Registered: Oct 2002
Posts: 562

Original Poster
Rep: Reputation: 84
Quote:
Originally Posted by cantab View Post
WEP is easy to break. Use WPA if possible.
Apparently so. Looks like the asshole deleted my home directory and screwed up grub. They probably got my .mozilla directory so I'll have to change passwords to everything. Whoever it was I think I could shoot them and sleep soundly that night.

Pardon my tone but I'm pissed.
 
Old 01-28-2011, 10:41 AM   #4
lazydog
Senior Member
 
Registered: Dec 2003
Location: The Key Stone State
Distribution: CentOS Sabayon and now Gentoo
Posts: 1,249
Blog Entries: 3

Rep: Reputation: 194Reputation: 194
They might have done more then that. I would erase and re-install and before going on the network fire up a firewall to protect against this.

Here is a simple firewall rule set that will allow you to do everything and stop any new connections that you didn't start:

Code:
iptables -F
iptables -X
iptables -Z
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
Next time he comes calling he won't get in.
 
Old 01-28-2011, 01:21 PM   #5
jlinkels
LQ Guru
 
Registered: Oct 2003
Location: Bonaire, Leeuwarden
Distribution: Debian /Jessie/Stretch/Sid, Linux Mint DE
Posts: 5,195

Rep: Reputation: 1043Reputation: 1043Reputation: 1043Reputation: 1043Reputation: 1043Reputation: 1043Reputation: 1043Reputation: 1043
So?

Another user on the same network as this computer, and...? Since when is being on the same LAN identical to being in control of a computer? On my LAN hundreds of other users are connected, no one is able to break in into my computer.

jlinkels
 
Old 01-28-2011, 02:21 PM   #6
lazlow
Senior Member
 
Registered: Jan 2006
Posts: 4,363

Rep: Reputation: 172Reputation: 172
If your ssid is on the rainbow table list they can probably get in in under a minute.So Make sure you change your ssid to something not on the list(at least they will have to try harder). You might also consider changing your ssid at least once a month. Long term switching to a wired connection is the best way out. Cat6 is relatively cheap online and is not all that difficult to run.
 
Old 01-28-2011, 05:45 PM   #7
sharky
Member
 
Registered: Oct 2002
Posts: 562

Original Poster
Rep: Reputation: 84
Thanks to all for the support and suggestions. I'll reinstall and lock it down. Firewall, WPA, ssid changes, etc.

Lesson learned.
 
Old 01-29-2011, 08:29 PM   #8
lazydog
Senior Member
 
Registered: Dec 2003
Location: The Key Stone State
Distribution: CentOS Sabayon and now Gentoo
Posts: 1,249
Blog Entries: 3

Rep: Reputation: 194Reputation: 194
You could take this one step further and setup MAC filtering and then only allow your MAC.
On my WAP I use WPA-TKIP, MAC Filtering and No Broadcast of SSID.
 
Old 01-29-2011, 08:36 PM   #9
lazlow
Senior Member
 
Registered: Jan 2006
Posts: 4,363

Rep: Reputation: 172Reputation: 172
Mac spoofing is really easy and not advertising the SSID does not mean that it is not broadcast. Both are good things to do but will not really give you much extra security from any attacker other than a novice.
 
Old 01-29-2011, 08:40 PM   #10
lazydog
Senior Member
 
Registered: Dec 2003
Location: The Key Stone State
Distribution: CentOS Sabayon and now Gentoo
Posts: 1,249
Blog Entries: 3

Rep: Reputation: 194Reputation: 194
All true, but not advertising your presents normally means you will be over looked.
The only time you are a target is when they know of your presents.
Only good security measures will protect you in the long run.
 
Old 01-29-2011, 08:48 PM   #11
lazlow
Senior Member
 
Registered: Jan 2006
Posts: 4,363

Rep: Reputation: 172Reputation: 172
If the router is usable then the SSID is easily detectable.


This is just the first hit on google.
 
Old 01-29-2011, 09:44 PM   #12
EDDY1
LQ Addict
 
Registered: Mar 2010
Location: Oakland,Ca
Distribution: wins7, Debian wheezy
Posts: 6,841

Rep: Reputation: 649Reputation: 649Reputation: 649Reputation: 649Reputation: 649Reputation: 649
Just turn off remote desktop.
 
Old 01-30-2011, 11:59 AM   #13
lazydog
Senior Member
 
Registered: Dec 2003
Location: The Key Stone State
Distribution: CentOS Sabayon and now Gentoo
Posts: 1,249
Blog Entries: 3

Rep: Reputation: 194Reputation: 194
Quote:
Originally Posted by lazlow View Post
If the router is usable then the SSID is easily detectable.
This is just the first hit on google.
To set the record straight if you don't want to be hacked then don't connect.
All these things are step to hide from the Hackers, not ensure that they cannot find you.
If you are connected and using the connecting you will be found sooner or later.
 
Old 01-30-2011, 04:59 PM   #14
sharky
Member
 
Registered: Oct 2002
Posts: 562

Original Poster
Rep: Reputation: 84
I'm not sure I was hacked now. The system still will not boot off the hard drive even after doing several reinstalls. I wonder if a hardware failure is what prevented the reboot. Could the intrusion have been coincidental? I've heard it's possible to remotely break hardware but I'm not quite paranoid enough to believe I would be targeted for such a malicious attack.

The system will boot off a usb drive but not reliably. Sometime is boots and other times it hangs. And I always have hit 'tab' at the grub prompt and manually enter 'live' for it to work at all. (that was with mint linux 10)

It only boots reliable from a DVD live disk.

Trying to boot the hard drive installation and Grub returns "error: hd0,msdos1 disk read error" > that may not be the exact syntax.

I mounted the hard drive from a live usb session and it took a really long time to copy some relatively small files -> 60 seconds for file less that 100k. That led me to consider maybe the hard drive was going bad. However, I tried OS installation with a different hard drive and it also would not boot.

I think I'm hosed.
 
Old 01-30-2011, 07:27 PM   #15
sharky
Member
 
Registered: Oct 2002
Posts: 562

Original Poster
Rep: Reputation: 84
That box is for sure hosed. I swapped disk from a system that was booting fine and it wouldn't boot. I'm guessing there's something buggy in the the SATA controller, except that doesn't explain why it seems to run fine from DVD. Oh well.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Controlling application running on a virtual desktop Blizz Programming 1 06-20-2009 04:07 PM
Controlling Desktop window via the Shell NEELIX_USR Linux - Desktop 3 02-11-2009 11:54 AM
LXer: Controlling desktop applications with six degrees of freedom LXer Syndicated Linux News 0 05-28-2008 10:00 AM
Controlling linux desktop using a gamepad kirtimaan_bkn Linux - Desktop 2 09-20-2007 08:46 AM
Controlling desktop power, so that it doesn't go into standby automatically. dmccol Mandriva 6 05-03-2004 07:05 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 08:58 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration