LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-14-2006, 12:52 PM   #1
kaplis
LQ Newbie
 
Registered: Jun 2006
Distribution: 6.06
Posts: 22

Rep: Reputation: 15
CBL Lookup Utility block IP adress for IRC


hey!

the CBL has blocked my IP adress for second time on IRC chat. they said that there are problems with mailing server or some viruses...but the problem was detected at time when my PC was turned off (it even didnt had a power supply- it was removed from electricity). i have Firestarter firewall...

maybe there are some more viruse protection programms (add aware; fix applications) or something like that? because i dont know the reason for some viruses or etc.

or i am the lucky man who have a viruss on my PC
 
Old 07-14-2006, 08:13 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
Could you ask them to provide you with any of the relevent log messages?

Linux viruses are exceedingly rare (but certainly exist), so IMHO the likeliehood is low. In the meantime, I'd recommend running an AV software scan (like ClamAV or F-Prot) to verify that you are infection free. I'd also run an rootkit scanner (like rkhunter or chkrootkit) as well. Finally, make a backup copy of the system logs indicating that you box was powered down at that timeframe.
 
Old 07-15-2006, 10:38 AM   #3
kaplis
LQ Newbie
 
Registered: Jun 2006
Distribution: 6.06
Posts: 22

Original Poster
Rep: Reputation: 15
i downloaded ClamAV and chkrootkit...but how to make them run i am not so strong working with terminal
 
Old 07-15-2006, 10:42 AM   #4
kaplis
LQ Newbie
 
Registered: Jun 2006
Distribution: 6.06
Posts: 22

Original Poster
Rep: Reputation: 15
P.s. The CBL only lists IP addresses that are demonstrably infected by a mass mailing virus, or some sort of spam sending compromise (open proxy, trojan, spambot, insecure AnalogX/wingate etc).
 
Old 07-30-2006, 11:20 PM   #5
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
Quote:
i downloaded ClamAV and chkrootkit...but how to make them run i am not so strong working with terminal
Are you still having trouble with either of these? They both have instructions for installing at their website and include an install README. Chkrootkit is pretty straight forward; unpack the tar archive (tar -zxvf chrootkit.tar.gz), change directories into the chkrootkit directory. Compile the C files using the command "make sense". Become root using "su". Then run the newly created binary with "./chkrootkit"


You can send an email to CBL via the address listed on their website FAQ. Ask what specific info led them to blacklist your IP.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
CBL Lookup Utility block IP adress for IRC.LV kaplis Linux - Software 1 07-15-2006 06:07 AM
Traceroute, Ping, Domain Name Server (DNS) Lookup, WHOIS, and DNS Records Lookup netoknet General 1 05-09-2005 03:43 AM
no ip adress yet.... backgrounding??? ronyx Linux - Networking 2 10-03-2004 07:36 PM
IP adress info MACSRULE Linux - Newbie 4 04-09-2004 05:04 PM
How speak irc client and irc server program? mech Linux - Networking 1 03-31-2004 05:23 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:47 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration