LinuxQuestions.org
Old 08-20-2005, 05:09 AM   #1
1702fp
Member
 
Registered: Feb 2005
Location: California
Distribution: Slackware
Posts: 82

Rep: Reputation: 15
Need help removing virus please


My Internet connection is acting slow and keeps disconnecting every 3 minutes, so I went to SBC's help site and saw the message.

My computer will not stay connected to the Internet for any longer than 2-3 minutes tops.

Quote:
From Microsoft's website This update resolves a newly-discovered, privately-reported vulnerability. A remote code execution vulnerability exists in Plug and Play (PnP) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The vulnerability is documented in the “Vulnerability Details” section of this bulletin.

We recommend that customers apply the update immediately.
I have a firewall, Firestarter, installed and it just now added a sit0 IPv6 tunnel onto the status menu. I use Linux; how can this be? Does Linux have a virus scanner so I'll know if the PC is infected? I'm most certain that it is, because the sit0 IPv6 tunnel just now popped up not so long ago. The article is posted below this paragraph.

Virus Alert! - Windows PC Customers - Important
For All Applications, Windows (all), and All Domains




Problem: Customers may be experiencing Continual shutdown/reboot, and/or slow browsing

Issue: Recent viruses (known by names such as Zotob, Esbot, etc.) have exploited vulnerabilities in Microsoft Operating System functionality (MS05-039). These viruses cause continual rebooting of machines (infected machines), and/or slow browsing (carrier machines).

How to Tell If Your Computer May be Infected:

1. Your computer is constantly rebooting when attempting to connect to the internet or on system startup

This means your computer may be infected with the virus and will not perform properly.

2. Your computer's performance has suddenly degraded and is running very slow.

This means your computer may be carrying the virus without significantly impacting your connection.

How to Fix the Problem

1. To stop the shut-down in progress, follow the following process:
1. With your left mouse, click on Start.
2. With your left mouse, click on Run.
3. Type cmd and then click OK.
4. Type shutdown /A (WIN 2000/NT 4.0) or Type shutdown -a (WIN XP/2003).
5. Press enter.

2. How to patch the vulnerability:

Visit Microsoft's Website at: http://www.microsoft.com/technet/sec.../MS05-039.mspx

Select your Operating System, download and run the patch.

3. How to remove the Virus:

If you have an antivirus program, update your definition files:

Norton: Right click on the Norton Icon in the system tray and select "Norton Updater"
McAfee: Right click on the McAfee Icon in the system tray and select "Update"
Yahoo Online Protection: Click the update button upon launching the Antivirus program.
Other Antiviruses: Visit your manufacturer's website for details.

If you do not, SBC Yahoo offers free antivirus protection. You may download Yahoo Online Protection at: http://sbc.software.yahoo.com/ysftc/p/sbc/v1/welcome
 
Old 08-20-2005, 05:21 AM   #2
/bin/bash
Senior Member
 
Registered: Jul 2003
Location: Indiana
Distribution: Mandrake Slackware-current QNX4.25
Posts: 1,802

Rep: Reputation: 47
F-prot has a free linux version for home use.
 
Old 08-20-2005, 08:41 AM   #3
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,659
Blog Entries: 4

Rep: Reputation: 3941
So your computer is running slow and disconnecting every few minutes ... what does this have to do with a virus, let alone a Windows virus? Look at /var/log/messages...
 
Old 08-20-2005, 07:50 PM   #4
1702fp
Member
 
Registered: Feb 2005
Location: California
Distribution: Slackware
Posts: 82

Original Poster
Rep: Reputation: 15
I thought the same thing. The PC kept disconnecting from the Internet every 2-3 minutes non-stop for over 3 hours, so I naturally assumed that the PC had either caught a virus or someone used psp, as mentioned on SBC's website, to gain access to my PC and change system settings.

SBC said they were not trained to use Linux, so I had no other choice but to come here and ask why the symptoms mentioned on SBC's website are happening to me. I use Debian Linux.

If Linux is immune to PC viruses, why is my PC disconnecting from the Internet every 2-3 minutes and why is the Internet connection slow? At first I thought it was a coincidence, but the symptoms were all there: the PC kept disconnecting from the net, the slow connection, etc. Is it possible that someone hacked my PC and added spyware onto it?

Quote:
sundialsvcs So your computer is running slow and disconnecting every few minutes ... what does this have to do with a virus, let alone a Windows virus? Look at /var/log/messages...
I cannot open that folder; an error message comes up when I try.

Thanks for the replies

Last edited by 1702fp; 08-20-2005 at 07:52 PM.
 
Old 08-21-2005, 09:15 AM   #5
TigerOC
Senior Member
 
Registered: Jan 2003
Location: Devon, UK
Distribution: Debian Etc/kernel 2.6.18-4K7
Posts: 2,380

Rep: Reputation: 49
Your hardware specs suggest you are using a dialup connection. The symptoms also suggest that the system is dropping the connection because it is idle for 120s (2 minutes). Suggest checking the ppp log in /var/log and this may confirm that your system is dropping the connection. Check your /etc/ppp/options and see if the idle <n>, where n=120, is set. It will be down at the bottom of the file.
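The two checks suggested in the post above can be scripted. This is an added example, not part of the original post: the function names are illustrative, the options file and log lines are constructed samples, and the matched strings are messages pppd writes to syslog when it ends a session.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are illustrative and
# the sample files are constructed.

# Effective pppd idle timeout: the last uncommented "idle <n>" line wins.
# Prints "unset" when the option is absent.
ppp_idle_timeout() {
    awk '{ sub(/#.*/, "") }
         $1 == "idle" && $2 ~ /^[0-9]+$/ { n = $2 }
         END { print (n == "" ? "unset" : n) }' "$1"
}

# Tally why pppd ended each session, keyed on pppd's own log messages.
ppp_drop_reasons() {
    awk '/pppd\[[0-9]+\]:/ {
             if (/Terminating connection due to lack of activity/) idle++
             else if (/Modem hangup/) hangup++
             else if (/No response to [0-9]+ echo-requests/) noecho++
             else if (/LCP terminated by peer/) peer++
         }
         END { printf "idle=%d hangup=%d echo=%d peer=%d\n", idle, hangup, noecho, peer }' "$1"
}

demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT

# Constructed stand-in for /etc/ppp/options.
cat > "$demo_dir/options" <<'EOF'
lock
noauth
#idle 600
idle 120
EOF

# Constructed stand-in for the ppp entries in a syslog file.
cat > "$demo_dir/messages" <<'EOF'
Aug 20 04:01:10 host pppd[812]: Connect: ppp0 <--> /dev/ttyS0
Aug 20 04:03:12 host pppd[812]: Terminating connection due to lack of activity.
Aug 20 04:03:12 host pppd[812]: Connection terminated.
Aug 20 04:05:40 host pppd[840]: Connect: ppp0 <--> /dev/ttyS0
Aug 20 04:07:41 host pppd[840]: Terminating connection due to lack of activity.
Aug 20 04:20:02 host pppd[877]: Modem hangup
EOF

echo "idle timeout: $(ppp_idle_timeout "$demo_dir/options")"
echo "drop reasons: $(ppp_drop_reasons "$demo_dir/messages")"
```

On a live system the arguments would be /etc/ppp/options and the ppp log under /var/log. A tally dominated by idle drops points at the local timer rather than at the line or the remote end.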
 
Old 08-21-2005, 02:35 PM   #6
/bin/bash
Senior Member
 
Registered: Jul 2003
Location: Indiana
Distribution: Mandrake Slackware-current QNX4.25
Posts: 1,802

Rep: Reputation: 47
Sorry I thought you were wanting to scan a windows pc from your linux pc.
 
Old 08-21-2005, 10:43 PM   #7
1702fp
Member
 
Registered: Feb 2005
Location: California
Distribution: Slackware
Posts: 82

Original Poster
Rep: Reputation: 15
Hi everybody, thanks for the replies.

I am using DSL to connect to the Internet. I did everything mentioned in this thread and nothing worked, plus I managed to make the system worse by trying to configure the PC to fix the problem. The PC at this point is so mucked up that the best way to fix the problem would be to uninstall and then reinstall Debian Sarge again from scratch.

I am not sure what happened, but someone somehow managed to gain access to my computer. If I was using Windows, I'm most certain that my PC would have been ruined. The reps at SBC Global (my ISP) are still not answering the phones because they are being flooded with phone calls from people needing help to remove this virus.

I have been using Debian Sarge for almost a year now and never had to download or configure the PC. As I type these lines the fonts are so messed up I can barely see them. I apt-got the msttcore fonts hoping that would make the fonts decent enough so I can at least see what I am writing; however, that method only made the fonts look jagged, not only in the word processor but on web pages and sites as well.

The only option I see fit is to either somehow remove the msttcore fonts from the PC and try to make the fonts normal again, or uninstall Debian and reinstall it again.

Edit: I decided to uninstall Debian and reinstall it again. Thanks for the replies.

The PC is now staying connected to the Internet. It's about time, lol; this is the first time in 3 days that the PC stayed connected to the Internet. The only problem I am having right now is with the fonts. Does anyone know a way to remove the fonts (msttcore)? I already tried apt-get remove; it didn't work. I need to get the fonts back to normal so I can see what I am typing as well as read web pages. This damn virus/attack really pulled a number. I don't want to install Debian again unless there is no other choice. Any suggestions on what I should do will be appreciated; my eyes are hurting from typing this message, lol. Thanks for the replies.

Last edited by 1702fp; 08-22-2005 at 03:08 AM.
 
Old 08-22-2005, 06:56 AM   #8
TigerOC
Senior Member
 
Registered: Jan 2003
Location: Devon, UK
Distribution: Debian Etc/kernel 2.6.18-4K7
Posts: 2,380

Rep: Reputation: 49
Do apt-get --purge remove <package_name>
 
Old 08-22-2005, 12:07 PM   #9
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Debian, Arch
Posts: 8,507

Rep: Reputation: 128
You could not be infected with the windows virus. It exploits a vulnerability not found on linux to execute code that will not run on linux that changes settings that do not exist on linux.
 
Old 08-22-2005, 12:23 PM   #10
timcharper
Member
 
Registered: May 2005
Location: Utah
Distribution: Fedora Core 4
Posts: 36

Rep: Reputation: 15
Try running "top", and sort the column so the process using most cpu usage is at the top (you can type shift-< and shift-> to switch the sort column, and shift-R to reverse the sort).

I have noticed that gam_server has sometimes been known to go berserk and take all CPU usage. If that's the case, type
killall gam_server
 
Old 08-22-2005, 06:09 PM   #11
/bin/bash
Senior Member
 
Registered: Jul 2003
Location: Indiana
Distribution: Mandrake Slackware-current QNX4.25
Posts: 1,802

Rep: Reputation: 47
Quote:
I am not sure what happened, but someone , somehow managed to gain access to my computer.
If that is the case then the only safe thing to do is reinstall, like you just did. However if you didn't format your home partition then you may still be vulnerable to backdoor attacks. You may want to backup your home directory in a tar ball and burn that on a CD or copy to a safe partition then format your home partition and recreate your user.
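A tarball of the old home directory carries the same files with it, so the backup is only safe to restore selectively. As an added example (not part of the original post; the function name and the sample directory are constructed), this lists the files in a home directory that run automatically or carry privilege, so they can be read by hand before anything is copied onto the reinstalled system.

```shell
#!/bin/sh
# Added example, not from the thread: list the files in a home directory
# that run automatically or carry privilege, for review before restoring.

home_review_list() {
    ( cd "$1" || exit 1
      # Files the shell, X session or sshd read at session start or end.
      for f in .profile .bash_profile .bash_login .bashrc .bash_logout \
               .xinitrc .xsession .ssh/authorized_keys .ssh/rc; do
          if [ -e "$f" ]; then echo "startup  $f"; fi
      done
      # setuid/setgid files do not belong in a home directory.
      find . -type f \( -perm -4000 -o -perm -2000 \) | sed 's|^\./|setid    |'
      # Executables in hidden files or directories are easy to overlook.
      find . -path './.*' -type f -perm -100 | sed 's|^\./|hidexec  |'
    ) | LC_ALL=C sort
}

# Constructed sample home directory (no real user data).
sample_home=$(mktemp -d)
trap 'rm -rf "$sample_home"' EXIT
mkdir -p "$sample_home/.ssh" "$sample_home/.cache" "$sample_home/bin"
echo 'export PATH=$HOME/bin:$PATH' > "$sample_home/.bashrc"
echo 'ssh-rsa CONSTRUCTED-KEY user@example' > "$sample_home/.ssh/authorized_keys"
printf '#!/bin/sh\n' > "$sample_home/.cache/helper"
printf '#!/bin/sh\n' > "$sample_home/bin/tool"
echo 'shopping list' > "$sample_home/notes.txt"
chmod 755 "$sample_home/.cache/helper"
chmod 4755 "$sample_home/bin/tool"

home_review_list "$sample_home"
```

Ordinary documents such as notes.txt are not listed; everything that is listed should be inspected or recreated from scratch rather than restored as-is.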
 
Old 08-30-2005, 09:09 AM   #12
perry
Member
 
Registered: Sep 2003
Location: USA & Canada
Distribution: Slackware 12.0
Posts: 978

Rep: Reputation: 30
Quote:
Originally posted by /bin/bash
If that is the case then the only safe thing to do is reinstall, like you just did. However if you didn't format your home partition then you may still be vulnerable to backdoor attacks. You may want to backup your home directory in a tar ball and burn that on a CD or copy to a safe partition then format your home partition and recreate your user.
Has anyone checked out AVG for Linux?

http://www.grisoft.com/doc/Programs/...l01?prd=trisng

Does it work, is it any good, would you buy it for Linux?

- perry
 
Old 08-30-2005, 09:41 AM   #13
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,659
Blog Entries: 4

Rep: Reputation: 3941
I suppose that the body is by-now dead and buried, but I never heard a symptom here that told me, "yes, this is a virus .. someone managed to get control of that computer." By now, the problem might be impossible to diagnose. Or, it could simply be taking a bit of a holiday, if the "reinstall" does not wipe out existing files but tries to preserve the existing configuration.

If you are using a DSL modem, then it is imperative that you have a firewall router, preferably one equipped with VPN, immediately downwind of that modem, and that all other computers are linked to the internet through it. On top of that, your Linux box should also have a firewall.
 
Old 08-30-2005, 08:55 PM   #14
tkedwards
Senior Member
 
Registered: Aug 2004
Location: Munich, Germany
Distribution: Opensuse 11.2
Posts: 1,549

Rep: Reputation: 52
Quote:
Does it work, is it any good, would you buy it for Linux?
Most anti-virus programs for Linux are designed to check for Windows viruses on email gateways and file shares used/accessed by users of that OS, not to protect the Linux computer itself from the almost insignificant threat of Linux viruses. I wouldn't waste your money - secure your Linux box the proper way by setting up a firewall, keeping up with updates etc.
 
  


All times are GMT -5.
