You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2008-12-10 19:31:49
- initbox
- Member
- Registered: 2008-09-27
- Posts: 172
System compromised?
Hey,
I'm not sure what I should think of this, so I'm posting here and asking about it... I've gotten G-lined from QuakeNet twice now, with the following message:
You are infected with a trojan, please clean your PC.I guess it's certainly plausible, but I doubt it. The first time it happened they cancelled it quickly and when I went and asked about it, they said it was a mistake. I guess having it happen once is all fine and dandy, but yesterday it happened for the second time.
I'm having a hard time believing it though, since (I'm no expert... But...) I have no services running except mpd, that listen on any ports... No ssh etc. Though I don't have iptables dropping packets, my ports are all simply closed. Having inbound packets dropped is sometimes an inconvenience and I see no added benefit in it. Except that port scanners and whatnot wouldn't get a response..
My system is up to date, except that I'm running on an older kernel since my uptime is a tad over 40 days.
So, should I worry or not? I've been thinking about it, and maybe the previous owner of my IP (dynamic) had a virus-laden computer and they're still kicking me out because of that or something. But then again, I've had this ip for as long as my computer has been up, so..
Offline
#2 2008-12-10 20:35:23
- Daenyth
- Forum Fellow
- From: Boston, MA
- Registered: 2008-02-24
- Posts: 1,244
Re: System compromised?
You say they cleared it the first time. Maybe ask them what could trigger it?
[git] | [AURpkgs] | [arch-games]
Offline
#3 2008-12-10 21:10:28
- initbox
- Member
- Registered: 2008-09-27
- Posts: 172
Re: System compromised?
You say they cleared it the first time. Maybe ask them what could trigger it?
Well it's supposed to happen when people spam some virus urls on the network. I guess it should also happen if some botnet/whatever system uses their network for remote controlling.
But I know I'm not doing it myself, so either I'm compromised or their system fails.
Offline
#4 2008-12-10 22:13:42
- string
- Member
- Registered: 2008-11-03
- Posts: 286
Re: System compromised?
I'd almost certaintly blame it on their system. I've no idea how their detector works but give this a shot: try some different nick/user/"real name" combinations at first.
Offline
#5 2008-12-10 22:19:52
- initbox
- Member
- Registered: 2008-09-27
- Posts: 172
Re: System compromised?
I'd almost certaintly blame it on their system. I've no idea how their detector works but give this a shot: try some different nick/user/"real name" combinations at first.
Yeah, I'm doing that at the moment.
I guess I should just wait and see. But I did worry for a bit..
Offline
#6 2008-12-10 22:53:54
- fukawi2
- Ex-Administratorino
- From: .vic.au
- Registered: 2007-09-28
- Posts: 6,223
- Website
Re: System compromised?
Are you the only computer on the network? There's no *cough*Windows*cough* boxes elsewhere on the network using the same connection that could be making them upset?
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
#7 2008-12-11 05:00:55
- initbox
- Member
- Registered: 2008-09-27
- Posts: 172
Re: System compromised?
Are you the only computer on the network? There's no *cough*Windows*cough* boxes elsewhere on the network using the same connection that could be making them upset?
Nope, there aren't. So mine's the only computer on the network.
Offline
Pages: 1