Page 4 of 6 FirstFirst ... 23456 LastLast
Results 31 to 40 of 54

Thread: Cheese Webcam Booth - backdoor Trojan?

  1. #31
    Join Date
    Apr 2008
    Location
    Otago
    Beans
    962
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Cheese Webcam Booth - backdoor Trojan?

    Quote Originally Posted by seaq View Post
    aahh, please check in your AP the firewall and port redirection sections, if your AP uses the standard password and the admin web page is accessible from outside, someone could have accessed, configure a redirection to the vnc pc, and from there .. well who nows!?
    How would the admin page be accessible from outside?

    Not sure I understand your suggestion " please check in your AP the firewall and port redirection sections"
    Ubuntu is computer speak for defenestration

  2. #32
    Join Date
    Apr 2008
    Location
    Otago
    Beans
    962
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Cheese Webcam Booth - backdoor Trojan?

    The Firewall and NAT service is enabled on my router.

    No port redirection set up on the router.
    Last edited by dunbrokin; June 29th, 2009 at 12:39 AM.
    Ubuntu is computer speak for defenestration

  3. #33
    Join Date
    Apr 2008
    Location
    Otago
    Beans
    962
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Cheese Webcam Booth - backdoor Trojan?

    Quote Originally Posted by loell View Post
    and if you're really concerned about your personal data and privacy, you should have wipe your old installation by now for a newer one with basic firewall protection. don't go chasing a ghost who could have covered his tracks after that unlikely incident.
    I am not really concerned about the personal data situation...it is more the snooping/spying on people through their webcam etc that bothers me.

    I am not sure what you mean by "unlikely incident" - do you mean a low probability incident or an incident which is unlikely to have happened i.e. a figment of my imagination?

    From what I have read elsewhere, adding a basic firewall does not really give any extra protection to that which you have anyway. It is more a provider of psychological comfort.
    Ubuntu is computer speak for defenestration

  4. #34
    Join Date
    Jan 2008
    Location
    USA
    Beans
    971
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Cheese Webcam Booth - backdoor Trojan?

    I am doubting you were cracked at all, but *if* you were, it was almost definitely from that VNC server.

    The problem with the rootkit scanners is they produce too many false positives and one needs to be somewhat of a security guru to even use them effectively in the first place. And even then they wont do much good if an attacker is aware of the scanner and has altered it in some way.

    The only thing I can say at this point is to:

    A) Keep monitoring your TCP connections to see if any fishy connections to unknown places pops up.

    or

    B) Format/reinstall and be done with the worries. This time be sure to secure that VNC server or, even better, don't use VNC at all. Set up an SSH X tunnel as outlined here.

  5. #35
    Join Date
    Apr 2008
    Location
    Otago
    Beans
    962
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Cheese Webcam Booth - backdoor Trojan?

    Thanks again for that....I appreciate your help.

    I am sure you are right in that I have not been cracked...as in that some malware was not placed on my PC. An intruder certainly was present...but I am pretty sure it was of the tagging variety rather than that of the malicious variety. None the less, I would like to ensure that it does not happen again. The intruder most certainly got to my main PC via the VNC link from my weather PC...but that kind of begs the question of how he got to the weather PC in the first place - given that the set up is similar for both machines?

    What do you recommend for TCP monitoring?
    Ubuntu is computer speak for defenestration

  6. #36
    Join Date
    Oct 2005
    Location
    Davao, Philippines
    Beans
    4,830

    Re: Cheese Webcam Booth - backdoor Trojan?

    Quote Originally Posted by dunbrokin View Post
    I am not sure what you mean by "unlikely incident" - do you mean a low probability incident or an incident which is unlikely to have happened i.e. a figment of my imagination?
    no i'm not implying that you have psychological problems or that you're not sober at that time, hearing voices should still be our last resort of recommendation.

    what i meant by unlikely is, the intruder really waited for you to use cheese and he blew his cover by a voice data stream?

    it's just hard for me to believe he did that after compromising your system, he could have use your system a million different ways yet he choosed to alarm you.

  7. #37
    Join Date
    Apr 2008
    Location
    Otago
    Beans
    962
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Cheese Webcam Booth - backdoor Trojan?

    Indeed...that is what I mean by it was a tagging prank rather than a malicious intrusion.....but it still leaves me with the problem of trying to prevent it from happening again. Even if I do a fresh install, what will change that will stop the tagging intrusion again...? I think I need to try and find the weakness and fix that....but it looks from all the feedback that nobody can really see a weakness in my system set up - apart from the vnc - but that is not really the problem, it is a route from one PC to the other...but does not tackle the initial problem.
    Ubuntu is computer speak for defenestration

  8. #38
    Join Date
    Apr 2008
    Location
    Otago
    Beans
    962
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Cheese Webcam Booth - backdoor Trojan?

    Does this help any? Why would iptstate be showing nothing?
    Attached Images Attached Images
    Ubuntu is computer speak for defenestration

  9. #39
    Join Date
    Oct 2005
    Location
    Davao, Philippines
    Beans
    4,830

    Re: Cheese Webcam Booth - backdoor Trojan?

    Quote Originally Posted by dunbrokin View Post
    Even if I do a fresh install, what will change that will stop the tagging intrusion again...?

    it will rule out that there's a trojan in your system.

    ubuntu's default install is fairly secure even w/o explicitly setting a firewall. by starting from ground zero you will have the opportunity to decide again on what outside programs you'll be installing.

    if it's from ubuntu repository then you can flag the program as safe , if it is from other sources then you begin suspecting if that was the trojan or not.

  10. #40
    Join Date
    Jun 2007
    Location
    Paraparaumu, New Zealand
    Beans
    Hidden!

    Re: Cheese Webcam Booth - backdoor Trojan?

    Quote Originally Posted by dunbrokin View Post
    I am using WEP with a secure password.....for somebody to hack into my wireless, they would have had to sit outside my house in 1 degree C last night....and as I say, I live in a remote area. It is possible, but unlikely that somebody could have been in a car and did it via a laptop.....but I am discounting that theory for now.
    You might want to pencil in changing to WPA or WPA2 on your "To do" list, as it's a lot harder to crack than WEP.

    As unlikely as it is, it could be possible that someone sat nearby in a car with a laptop. I saw a news item on (possibly TV3) a year or two back about people's vulnerability to intrusion, where a reporter did the rounds of some suburban streets, looking for wireless networks which were not properly secured. The reporter noted that many networks he discovered didn't even have WEP enabled.
    Forum DOs and DON'Ts
    Please use CODE tags
    Including your email address in a post is not recommended
    My Blog

Page 4 of 6 FirstFirst ... 23456 LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •