Can you tell from dpkg --list what kind of security breach I have on my Lenovo Desktop running TAILS?
Long, miserable, 2+ year story shorter than a book... I'm a writer and was paid to put together a report to be submitted to a state agency about a multi-million-dollar case of public corruption. Parties involved found out I was the one hired to be the writer on that and future whistleblowing efforts. Since then, dealing with the retaliation has been unpleasant and expensive. Recently a computer forensic specialist in my region took a look at the case and quoted me a $4,000 retainer to reverse engineer what was on my windows devices and cell phones/SIM cards, etc., to trace and prove its origin to sue for damages.
In his words, it was "professional and aggressive." If I had the $4k I wouldn't be struggling, but here I am searching for options because I'm fighting battles on several fronts (cancer, divorce, etc.) and money is an issue for me. My degrees are in management, not IT, so I'm hopeful somebody who lives and breathes this has a simple solution for me... Other than unplugging from civilization and taking up a new profession as a cave dweller carving figurines for a living.
On the advice of a Windows tech replacing yet another one of my burned up hard drives, he put a blank hard drive in my computer, told me to use a Linux live distro on a USB, and use all new cloud accounts. It worked for maybe 3-4 days and then, despite using a Linux TAILS live USB, it was reconnected to the criminal's remote Windows 7 server again. A Synaptic Package Manager appeared on my desktop, and all of these packages appeared, with permissions changing and everything going wrong again just like on Windows.
Before this, I literally never had a problem with any of my devices, other than an occasional virus that everybody else gets, and I've been using computers daily as either a financial services manager or freelance writer for 18 years. This is unlike anything else I have ever experienced.
As scasey said, why do you think you have a security breach? Because this sounds **VERY** familiar; same sorts of 'retaliation', a vague 'them' who is out to get you, who has somehow hacked SIM cards, cell phones, computers, routers, etc. And all somehow without any evidence of a breach of any sort, past vague technical terms that don't string together in a way that makes sense. Amazingly, all within the past year, all from 'newbies', all with a similar story. Last one from mid-November, this one from early December. What a coincidence.
Again: what is your actual EVIDENCE that your Windows system/phone/SIM card/whatever was actually tampered with??? And saying you have 'burned up' hard drives from some mystery hacker/virus is absolute nonsense.
Well, TB0ne, you've certainly helped me out this evening... you're showing me that I should stick to the professional computer forensics consultant in my local region and just find a way to come up with the money. He already communicated with the technicians doing the warranty work on the hard drive and the cell phone repair specialists who dealt with the phones and tablets in question. I appreciate his professionalism, knowledge, and respectful communication. Especially since I'm not a computer expert and answer in more general terms until steered toward specifics... If I don't understand what he's looking for when he asks a question, he simply asks more specific questions to get the information he needs instead of prematurely resorting to insults and accusations. Good day to you.
If you want to check your Linux, then you could install rkhunter (rootkit hunter).
But if you have a pro targeting you, they might be in your router so they can access all network traffic. Check if there is a firmware update. If not, see when the last one came out and if it has been some time, then get a new router.
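One way to make the `dpkg --list` question in this thread's title concrete, as an added example that is not from any poster: diff a current listing against a baseline captured from a known-good boot. The package listings and the name `example-extra-tool` are constructed, and because the listing only reflects dpkg's own database, a difference is a lead to review rather than proof of a breach.

```python
# Added example: diff two `dpkg --list` captures. All package data below is constructed.
# Real output carries a few more header lines; the parser skips everything before "+++-".
HEADER = (
    "||/ Name               Version      Architecture Description\n"
    "+++-==================-============-============-====================\n"
)
BASELINE = HEADER + (
    "ii  coreutils          8.32-4+b1    amd64        GNU core utilities\n"
    "ii  openssl            1.1.1n-0     amd64        SSL toolkit\n"
    "ii  tor                0.4.7.10-1   amd64        anonymizing overlay network\n"
)
CURRENT = HEADER + (
    "ii  coreutils          8.32-4+b1    amd64        GNU core utilities\n"
    "ii  example-extra-tool 1.0-1        amd64        constructed package name\n"
    "iU  openssl            1.1.1n-9     amd64        SSL toolkit\n"
)


def parse_dpkg_list(text):
    """Return {package: (state, version)} from `dpkg --list` output."""
    packages, in_table = {}, False
    for line in text.splitlines():
        if line.startswith("+++-"):      # separator row ends the header
            in_table = True
            continue
        fields = line.split(None, 4)
        if in_table and len(fields) >= 3:
            state, name, version = fields[:3]
            packages[name] = (state, version)
    return packages


def compare(baseline_text, current_text):
    """Report differences worth reviewing; none of them proves a compromise."""
    old, new = parse_dpkg_list(baseline_text), parse_dpkg_list(current_text)
    return {
        "added": sorted(set(new) - set(old)),
        "removed": sorted(set(old) - set(new)),
        "version_changed": sorted(
            n for n in set(old) & set(new) if old[n][1] != new[n][1]),
        # Second state letter U/F/H/W/t = unpacked or half-done; a third letter = error flag.
        "incomplete": sorted(
            n for n, (state, _) in new.items()
            if state[1:2] in tuple("UFHWt") or len(state) > 2),
    }


if __name__ == "__main__":
    for kind, names in compare(BASELINE, CURRENT).items():
        print(f"{kind}: {', '.join(names) or '-'}")
```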
So now it's:
Phone
SIM cards
Tablet
PC
"Burned" hard drives
You are the one making accusations; you are accusing some vague 'someone' of hacking you and (somehow) 'burning up' hard drives, yet don't produce any proof or evidence of ANYTHING, past accusations. Same as those other posters mentioned previously...nothing new here. Again: WHERE IS YOUR PROOF/EVIDENCE???
And yes, I *DO* security/consulting professionally and have for decades..which is precisely why your story makes no sense. You want to spend $4k for someone to tell you something?? I'm sure they'd be happy to take your money to produce whatever story you want to hear. We'd not do it, because we need more than a vague story with disjointed logic to take it seriously, and wouldn't rob someone.
Again: your story falls apart at your very first post in this thread, and in fact, the subject line. Because it says, "....Lenovo Desktop running TAILS" (bolded for emphasis). For a 'newbie', you certainly seem to have some skills, since you not only:
Located a security-focused distro
Downloaded it
Burned the ISO image correctly
Booted it
...and, despite it being a LIVE DISTRO that's not meant to be installed on a fixed hard drive without some considerable effort, DID JUST THAT.
..seem to have ignored what TAILS is. That is, a distro meant to run solely from a thumbdrive with zero persistence. Not to be installed without some effort/skills. Want to try again on 'newbie' angle?
Does this sentence make sense to you, uteck?
Quote:
Originally Posted by mailbox96321
...and then, despite using a Linux TAILS live USB, it was reconnected to the criminal's remote Windows 7 server again. A Synaptic Package Manager appeared on my desktop, and all of these packages appeared, with permissions changing and everything going wrong again just like on Windows.
Bolded for emphasis only.
So, a TAILS install (which is live, with zero persistence by design), is somehow 'reconnected' to "the criminal". For a newbie, it's amazing that they were able to somehow 'know' that it was a Windows 7 machine (make sense for a pro hacker to use Windows 7???) Or that the Synaptic manager just 'appeared', since you have to manually enable such things as an admin? (again, not pointing to 'newbie') https://tails.boum.org/doc/first_ste.../index.en.html
And the 'newbie' somehow spotting these permission changes? How would a 'newbie' know what they were SUPPOSED to be, or how they changed??? Again, a 'pro hacker' wouldn't do anything visible on a screen, nor COULD they using live TAILS. This is much like the previous threads this past year....nothing new.
Since the netstat command in Terminal wasn't working correctly, I googled "netstat alternative in linux terminal" and saw some recommended the SS command, so here's that output, in case that's relevant to you (?)... Again, thank you for any of your time and expertise.
[snip]
To be continued because results were too many characters for one post...
Generally speaking, if the output of the command is longer than the post limit, it's also likely to be of not much use. Posting all that just clutters the thread. Use pastebin or some such instead.
Try