Search:

Type: Posts; User: OpSecShellshock; Keyword(s):

Page 1 of 10 1 2 3 4

Search: Search took 0.02 seconds.

  1. Replies
    23
    Views
    3,489

    [ubuntu] Re: Am I being hacked? I really think so.

    If you're getting reports of a mail account being accessed from another browser on another system that isn't yours, then it's the account that has been compromised, not the computer. Usually this...
  2. Re: How to go to an untrusted site in Firefox?

    If you open a new tab and put in the address bar:


    about:certerror

    do you have the "I understand the risks" option? If so, you can probably click through to the exceptions dialog and put the...
  3. [ubuntu] Re: snip.ps and other url-shortening domains

    A URL shortener that redirects to a phishing site will still, in the end, display a domain in the address bar that is not the site it's claiming to be. All that the URL shortener has done is provide...
  4. Replies
    24
    Views
    1,803

    Re: Possible Security Breach?

    Honestly, if that kind of system change was made on one of my computers I wouldn't bother investigating further. I'd just wipe it out and reinstall. If I were sufficiently curious I'd examine the...
  5. Replies
    24
    Views
    1,803

    Re: Possible Security Breach?

    Any script that would make that kind of a change, especially if it's a software installation script, is bad news. No telling what else it may have done, but it's worth checking into.
  6. [lubuntu] Re: this web page was blocked by extension.

    Nothing there anyway from what I can see. In other words, I went to the site with scripts disabled and got nothing. Looked at the source and it just loads a frame with an encoded string, which is not...
  7. [all variants] Re: looking at SSO options, please advise

    That's sort of what I was thinking. OpenLDAP for regular every day user authentication and then separate local accounts on systems for specific people who need to elevate privileges on specific...
  8. [ubuntu] Re: Automatical redirection to a site that I don't know

    I mistyped youtube in the same way and got the redirect to that domain. It was a blank page, but I have scripts blocked. Those kinds of typosquat domains could serve anything, but my best guess is...
  9. Replies
    13
    Views
    790

    [other] Re: A question about router security.

    If you don't control the network then you have no way to absolutely ensure the integrity of communications between your computer and the internet.

    Best thing is probably to contact an ISP and get...
  10. Replies
    17
    Views
    1,021

    [kubuntu] Re: Question about router

    I suppose it depends on your local ufw rules and whether you communicate with other LAN devices from your computer. If you use the default of allowing outbound connections but not allowing...
  11. Replies
    59
    Views
    3,023

    [all variants] Re: Are We Being Paranoid?

    I don't think legitimate ads themselves get compromised so much as fraudulent "companies" place ads with platform providers, sometimes going as far as to submit one advertisement for review that is...
  12. [ubuntu] Re: Does this mean malware is on my computer?

    Acunetix is the name of a vulnerability scanner. The top part of what you posted appears to be an attempt to find a directory traversal vulnerability. It's odd that it would have turned up. In my...
  13. Replies
    12
    Views
    5,714

    [SOLVED] Re: Troubleshooting snort ids

    Looks like things should be pretty much in order, but until some events start coming in due to signature matches it will be difficult to identify the problem. Engage in some network activity for a...
  14. Replies
    12
    Views
    5,714

    [SOLVED] Re: Troubleshooting snort ids

    OK so the next couple things I'd make sure of:

    Did you restart snort after changing the snort.conf file? Is the http_inspect preprocessor active? Are there rules in your /etc/snort/rules...
  15. Replies
    59
    Views
    3,023

    [all variants] Re: Are We Being Paranoid?

    It's not just legit/reputable sites being compromised directly. What I see most often when I'm actively monitoring are malicious ads. Sure, there are many, many small and large sites with out of date...
  16. Replies
    12
    Views
    5,714

    [SOLVED] Re: Troubleshooting snort ids

    In your snort.conf file in the section toward the top where you define network variables (HOME_NET, etc.) does it say "ipvar" or "var"? If you are using IPv4 and not IPv6 you'll need to make sure it...
  17. [ubuntu] Re: Passphrase received in plain text e-mail

    Oh, I didn't realize you were talking about infosec lists! No, no, the stuff we come up with is for other people to do, not us.
  18. [ubuntu] Re: Passphrase received in plain text e-mail

    For a lot of sites it's the only means they have of getting a new password to the user, and they do tend to suggest changing it immediately. It does carry risks in the event of interception, and it...
  19. Replies
    28
    Views
    2,033

    [ubuntu] Re: A new threat?

    There wouldn't be anything in the repositories, but there are packages created by OpenDNS developers apparently. Check out this post for links and instructions. As far as I know, DNSCrypt is the only...
  20. Replies
    1
    Views
    282

    [ubuntu] Re: libxml2 buffer overflow

    OK, so you're dealing with something signature based. The thing you'll want to do is see if it's even anything to worry about in the first place. Read the signature itself to see what it's written to...
  21. Replies
    10
    Views
    2,145

    [ubuntu] Re: Fx29Shell attack

    Re-install, make sure that Apache, PHP, and Wordpress are patched and up to date, and reset all passwords.
  22. [ubuntu] Re: Passphrase received in plain text e-mail

    One way to determine if passwords aren't hashed is to see if there's a list of special characters you aren't allowed to use when choosing your own password. If they tend to function as operational...
  23. Replies
    28
    Views
    2,033

    [ubuntu] Re: A new threat?

    Technically yes, practically no. In order to do specifically and exactly what the ISP is doing in the article, an attacker would have to compromise the ISP itself (or the DNS servers that you have...
  24. Replies
    28
    Views
    2,033

    [ubuntu] Re: A new threat?

    These are basically 2 different things if the ISPs are doing what I suspect. In the case of ISP redirections, even if you use alternative DNS, you are still sending requests and receiving responses...
  25. [ubuntu] Re: Firefox/Ubuntu not immune to Yahoo! mail exploit

    Found an article this morning that explains what's most likely going on in this situation. As most of us thought, the bug is not on the client side. This is something Yahoo has to find and fix.
Results 1 to 25 of 250
Page 1 of 10 1 2 3 4