Sign in to follow this  
mwight

Off Topic: If You Value Your Online Security You Need To Run Linux

Recommended Posts

Dear Ya Mu,

 

He is (I believe) commonly reading the private (PM's) here at 'Tao Bums'.

 

While I have NO "proof", because you did a kindness for/to me, YOU PAID the price for doing it.

 

I'm very sorry that this happened to you, and I strongly suspect that this happened to you because of ME.

 

Bummer. :(

 

Your friend in Dao, gossamer/Albion

 

 

 

 

 

 

 

 

Just had 2 separate events happen.

 

Software running on Unix server. I am using Joomla as my web software for www.stillnessmovement.com. It was hacked last week. I spent all weekend trying to re-install my backup. After upgrading to new version (1.5.9) of Joomla and trying to fix the problems for 2 days I finally gave up did a full install of the newer release of Joomla. So this stuff CAN be hacked. The fault was mine as I had not kept up-to-date on the Joomla releases. But the version I was using was not THAT old (several months).

 

Another separate event with a windoze vista laptop. Got bit by the google re-direct virus (rootkit) that none of the antivirus programs could find. I found and manually deleted a file that was hiding as a system file.

This virus re-directs google searches to malicious sites.

 

G was right, they are out to get us!

Share this post


Link to post
Share on other sites

While I have NO "proof", because you did a kindness for/to me, YOU PAID the price for doing it.

I'm very sorry that this happened to you, and I strongly suspect that this happened to you because of ME.

Don't feel bad G. It's a tiny possibility, almost non existant. I wouldn't worry about it.

 

But just in case why does nobody have a go at me anymore :(

If you are any good the location details here

<--

are more than enough.

 

Come on have a go ya mug :P

Share this post


Link to post
Share on other sites

I used Ubuntu for a while, i think it sthe best kind of Linux, very easy to use and comes with everything you need.. open office, firefox, pidgin (instant messanging), and its free!

 

http://www.ubuntu.com/

 

you can even download and burn a Live CD which is the whole operating system on a CD which you can boot up and run without installing anything on your hard disk.

 

 

and for those less adventurous that just want to stick to windows..a good free antivirus, you can get Avast

http://www.avast.com/

 

btw, there is a program called Wine for linux which lets you run windows applications.

 

here are some links to what linux looks like for those interested

 

http://www.troyandnaomi.com/images/Ubuntu_desktop_large.png

 

http://www.ubuntu.com/products/whatisubunt...s/home/main.jpg

Edited by mikaelz

Share this post


Link to post
Share on other sites

I have used Linux for 3 years and gave up. It is a pain in the bum if you want to run many of the Windows based application. If you like editing photos using Photoshop, the best tool in the market period, forget about appyusing Linux for it.

 

Ubuntu is bloated and vastly overrated. The first releases were good but it went downhill with the last two.

 

I am back to Windows and happy as ever (SP3).

 

If you surf porn, gambling, warez sites and the like then Windows is not very safe. Get yourself a Mac or use Linux for that matter. If that isn't the case then secure your Windows box. Here's what you need to do:

 

1. http://www.tweakhound.com/xp/xptweaks/supertweaks1.htm

2. http://www.markusjansson.net/exp.html & http://labmice.techtarget.com/articles/win...tychecklist.htm

and also here: http://www.malwarehelp.org/malware-prevent...-security1.html

 

It is also mandatory using a router with an SPI firewall included and properly configuring it to avoid someone hacking it. A software firewall alone is not enough.

 

If your Windows box gets infected seek for advice in here:

 

http://www.dslreports.com/forum/cleanup (make sure you follow the mandatory steps before requesting assistance or your post will be automatically deleted)

 

 

If you need further advice regarding security matters the same forum has another section:

 

http://www.dslreports.com/forum/security

 

Many geeks and comp. sec. professionals often post in there offering free advice. Very helpful and knowledgeable guys. Good karma to them. Regards from "psicop" if you ever read this :)

 

 

Good luck and happy surfing.

 

Remember: you are the only responsible for infecting your computer.

Share this post


Link to post
Share on other sites

G,

 

Don't worry, I have no concern about this. I don't keep sensitive information on computers connected to the internet, I often do computer upgrades and do clean windoze installs every few months, so no big deal to me to re-do anything. My web-sites are static and easily re-done. How do I know that Spirit wasn't saying "Time to re-do the Site." :o In fact, I think it looks better already!www.stillnessmovement.com

 

The google re-direction bug has been experienced by many and apparently comes from opening .pdf files with earlier versions of adobe software (UPGRADE often is the advice ). And the laptop wasn't really mine but belonged to a family member. I think the .pdf was on an agricultural site.

The problem is that the antivirus programs DO NOT find this bug, it has to be removed manually; very easy to do.

 

It is known that earlier releases of Joomla 1.5 offer a gateway in and that there are robots on the net searching for these versions of Joomla. I simply hadn't kept up with it. But Joomla is pretty cool; it is FREE!

 

I am thinking now though that I will go back to Ubuntu or Mint for personal internet use. It is OK, I go all the way back to Unix on the old Dec PD-11/70 micro computers.

Share this post


Link to post
Share on other sites

were you using unix or linux on your server? If it was linux what distribution?

 

G,

 

Don't worry, I have no concern about this. I don't keep sensitive information on computers connected to the internet, I often do computer upgrades and do clean windoze installs every few months, so no big deal to me to re-do anything. My web-sites are static and easily re-done. How do I know that Spirit wasn't saying "Time to re-do the Site." :o In fact, I think it looks better already!www.stillnessmovement.com

 

The google re-direction bug has been experienced by many and apparently comes from opening .pdf files with earlier versions of adobe software (UPGRADE often is the advice ). And the laptop wasn't really mine but belonged to a family member. I think the .pdf was on an agricultural site.

The problem is that the antivirus programs DO NOT find this bug, it has to be removed manually; very easy to do.

 

It is known that earlier releases of Joomla 1.5 offer a gateway in and that there are robots on the net searching for these versions of Joomla. I simply hadn't kept up with it. But Joomla is pretty cool; it is FREE!

 

I am thinking now though that I will go back to Ubuntu or Mint for personal internet use. It is OK, I go all the way back to Unix on the old Dec PD-11/70 micro computers.

Share this post


Link to post
Share on other sites

were you using unix or linux on your server? If it was linux what distribution?

Linux

CentOS 5 + Plesk 8.6

 

The problem was not the operating system but that Joomla 1.5 early versions left a wide open path. Joomla uses mysql database but is also a web-based system; all editing can be done online. My mysql database was intact, but the css files, template files, and configuration was screwed. I have already done a new latest Joomla install. This is a secondary static site so it really wasn't any big deal. I always look at what some perceive as negative as an opportunity; I was briefly somewhat miffed but this mode of perception of looking at everything as an opportunity allows no negative energy feedback.

Share this post


Link to post
Share on other sites

If Joomla offers a repository for centos I would try adding it to get automatic upgrades in the future. It may be a compile from source only app though, I would subscribe to its newsletter for any future security updates. Also any other 3rd party apps you have which don't come from a repository, I would try to keep up on security updates on them also.

 

 

Linux

CentOS 5 + Plesk 8.6

 

The problem was not the operating system but that Joomla 1.5 early versions left a wide open path. Joomla uses mysql database but is also a web-based system; all editing can be done online. My mysql database was intact, but the css files, template files, and configuration was screwed. I have already done a new latest Joomla install. This is a secondary static site so it really wasn't any big deal. I always look at what some perceive as negative as an opportunity; I was briefly somewhat miffed but this mode of perception of looking at everything as an opportunity allows no negative energy feedback.

 

 

gossamer,

 

He was hacked because he didn't keep his 3rd party packages updated not because he was friends with you.

 

Dear Ya Mu,

 

He is (I believe) commonly reading the private (PM's) here at 'Tao Bums'.

 

While I have NO "proof", because you did a kindness for/to me, YOU PAID the price for doing it.

 

I'm very sorry that this happened to you, and I strongly suspect that this happened to you because of ME.

 

Bummer. :(

 

Your friend in Dao, gossamer/Albion

Edited by mwight

Share this post


Link to post
Share on other sites

If Joomla offers a repository for centos I would try adding it to get automatic upgrades in the future. It may be a compile from source only app though, I would subscribe to its newsletter for any future security updates. Also any other 3rd party apps you have which don't come from a repository, I would try to keep up on security updates on them also.

gossamer,

 

He was hacked because he didn't keep his 3rd party packages updated not because he was friends with you.

 

Good advice.

Yeah, things I already knew. Just was kinda lazy and didn't do it.

Share this post


Link to post
Share on other sites
Sign in to follow this