Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 04-07-2013, 10:07 PM   #1
LQ Newbie
Registered: Jan 2013
Location: under the bridge
Distribution: Slackware 14 current
Posts: 14

Rep: Reputation: Disabled
Yes, it belonged in security

I need help, and fast, can someone please f&*$^@g answer me.

So I can clear this up.

Is this my computer (How the h#!!) that is infected, the T-Mobile 4-g router or my web/mail-server

If you read the link you'll see I have a serious *SECURITY* issue, please help.

Shit, I forgot to submit this damn post
Old 04-07-2013, 10:14 PM   #2
LQ Guru
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and Scientific Linux
Posts: 5,753

Rep: Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288

there is lots of information on the page you linked to. Did you read it? Follow it?

Old 04-08-2013, 08:59 AM   #3
Senior Member
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 779Reputation: 779Reputation: 779Reputation: 779Reputation: 779Reputation: 779Reputation: 779
First, while your frustration is understandable, LQ is not the place for foul language and creative workarounds. Would you please edit your post to clean it it up.

By the title of your post, 'yes, it belonged in security', I assume you are referring to your other post that was moved to networking? If so, would you please elaborate on the connection between these issues? At first glance they do not appear to be related, unless for some reason your traffic from T-Mobile is being blocked.

With respect to this post, and your t-mobile account, the first thing that you need to determine is if the IP in question,, is a static or dynamic IP. If it is dynamic, it is possible that the 'report' is not caused by your system or activity, in which case they will likely wind up with a rolling set of IP addresses being blocked. Second, keep in mind that mobile providers are a common resource used by those who wish to perform ill deeds which means that you are more likely to experience false positives.

Is the machine in question a server of some form? If so, and especially if it does have a static IP address you need to perform an investigation into whether or not your system IS responsible for the bot net traffic, which could be an indication of a potential compromise. One advantage to performing an analysis and information gathering investigation is that it would build evidence that you can use if you are not at fault.

With the above in mind, would you please elaborate on your situation, and provide details as to exactly what it is that is happening, how many machines are being effected and what their function is, etc. We can certainly help you resolve the issue, but you need to work calmly and methodically.
1 members found this post helpful.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
avoiding allocate uid/gid belonged to delete's users erodri07 Linux - Security 7 06-18-2012 07:32 PM
[Security Questions] Last Login, how good is this feature for security breach info? t3gah Linux - Security 2 06-14-2005 02:02 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:53 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration