WARNING: they can pass UFW firewall incoming blocked...

Here you can discuss every aspect of Debian. Note: not for support requests!

WARNING: they can pass UFW firewall incoming blocked...

Postby xenon » 2018-02-14 06:13

...except http(s)

They can change my user password from outside (incoming) with maybe they retrieved by CCTV camera's, or have hacked it with password crackers (but then they cracked a 20 characters strong password within a couple of hours)
xenon
 
Posts: 12
Joined: 2015-12-29 23:44

Re: WARNING: they can pass UFW firewall incoming blocked...

Postby pawRoot » 2018-02-14 06:19

what ?
User avatar
pawRoot
 
Posts: 536
Joined: 2016-12-28 18:26
Location: Poland

Re: WARNING: they can pass UFW firewall incoming blocked...

Postby xenon » 2018-02-14 06:24

pawRoot wrote:what ?


what do you not understand?
xenon
 
Posts: 12
Joined: 2015-12-29 23:44

Re: WARNING: they can pass UFW firewall incoming blocked...

Postby Head_on_a_Stick » 2018-02-14 06:48

Isn't a rootkit a more likely source for your problem?

Or not enough blue pills... :mrgreen:
User avatar
Head_on_a_Stick
 
Posts: 8012
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: WARNING: they can pass UFW firewall incoming blocked...

Postby xenon » 2018-02-14 08:19

Head_on_a_Stick wrote:Isn't a rootkit a more likely source for your problem?

Or not enough blue pills... :mrgreen:


OK! they could have retrieved the password that way (key logger going out) maybe, but then again how can they come in, and change this password, when all incoming is blocked (except http and https)??? or is a rootkit in the BIOS some kind of back door for the firewall???
xenon
 
Posts: 12
Joined: 2015-12-29 23:44

Re: WARNING: they can pass UFW firewall incoming blocked...

Postby n_hologram » 2018-02-14 12:29

Define "they."
Explain how you know they did all the things you claim they "can" do.
Or is this another paranoia thread, like your first -- and only other -- thread on this forum?
viewtopic.php?f=10&t=126346&p=603025
bester69 wrote:There is nothing to install in linux, from time to time i go to google searching for something fresh to install in linux, but, there is nothing

the crunkbong project: scripts, operating system, the list goes on...
n_hologram
 
Posts: 437
Joined: 2013-06-16 00:10

Re: WARNING: they can pass UFW firewall incoming blocked...

Postby GarryRicketson » 2018-02-14 13:16

Don't know that I can take this seriously, Who are "they" ? , There are some experts, that can actually access your PC even when it is shut down, not running, via you Intel ME, and the micro kernel it has, using the minix 3 server embedded in it.
I need to know, who "they" are , so I can tell them to stop messing with your passwords, that is not nice. :twisted: :mrgreen:

From "them": ( do some search foo for details).
MINIX also has access to your passwords. It can also reimage your computer's firmware even if it's powered off. Let me repeat that. If your computer is "off" but still plugged in, MINIX can still potentially change your computer's fundamental settings.

And, for even more fun, it "can implement self-modifying code that can persist across power cycles". So, if an exploit happens here, even if you unplug your server in one last desperate attempt to save it, the attack will still be there waiting for you when you plug it back in.

How? MINIX can do all this because it runs at a fundamentally lower level.

Image
====================
More Minix screen shots
User avatar
GarryRicketson
 
Posts: 5133
Joined: 2015-01-20 22:16
Location: Durango, Mexico

Re: WARNING: they can pass UFW firewall incoming blocked...

Postby pcalvert » 2018-02-14 14:41

There is probably malware on your computer, of the remote access type. If I am right, then the question is "How did it get on there?"

Are you using pure Debian or a derivative?
Are you installing software from other places besides the official Debian repositories?

Phil
“Property is the fruit of labor; property is desirable; it is a positive good
in the world. That some should be rich shows that others may become
rich, and hence is just encouragement to industry and enterprise.”
— Abraham Lincoln
pcalvert
 
Posts: 1799
Joined: 2006-04-21 11:19
Location: Sol Sector

Re: WARNING: they can pass UFW firewall incoming blocked...

Postby steve_v » 2018-02-15 07:33

xenon wrote:...except http(s)

... Which may well be a security hole one can drive a bus through, depending on how the server listening on those ports is configured.

If you have a legitimate security concern, provide some details - starting with iptables rules and listening services.
Have you done any investigation into how this box was compromised, or is this "WARNING" thread simply an attempt to scare people?

The "they" you speak of certainly cannot pass what does not exist, so either this "UFW" thing isn't doing what you think it is, or you have some poorly protected webserver running.
Or you have a rootkit. 'man netstat', 'man rkhunter' and 'man debsums' would be valid places to start.
steve_v
 
Posts: 695
Joined: 2012-10-06 05:31
Location: New Zealand


Return to General Discussion

Who is online

Users browsing this forum: No registered users and 8 guests

fashionable