Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

The wrong password after have been using 1 year.

New to Debian (Or Linux in general)? Ask your questions here!
Post Reply
Message
Author
Rtf
Posts: 7
Joined: 2018-03-02 15:16

The wrong password after have been using 1 year.

#1 Post by Rtf »

I had been using the same password to user account already 1 year.
But 1 month ago in logging process its coughup message - Wrong Password.(I didnt change).
I had been using UFW firewall with default settings.
I had been using ClamAv.
But I have clue maybe some hackers is hacked my system.
Whats its your opinion ?

Sometimes when I used Skype its popup message: "Lets reload your desktop environment". And everything behind skype windows is disappeared.
At once Ive pressed "Agree", but all the next time when its appear again I just reload whole system.
I had been trying update security Debian packages and Skype... but I dont know... Its looks suspect.

Thanks!

User avatar
GarryRicketson
Posts: 5644
Joined: 2015-01-20 22:16
Location: Durango, Mexico

Re: The wrong password after have been using 1 year.

#2 Post by GarryRicketson »

But I have clue maybe some hackers is hacked my system.
Whats its your opinion ?
With out even 1 little detail about the system, logs, etc. Not even the version of Debian.
my opinion, it is like a dog barking at night and nothing is there.
I have a very low opinion of this type of post. Maybe I am rude, but I am being honest.

Rtf
Posts: 7
Joined: 2018-03-02 15:16

Re: The wrong password after have been using 1 year.

#3 Post by Rtf »

GarryRicketson wrote:
But I have clue maybe some hackers is hacked my system.
Whats its your opinion ?
With out even 1 little detail about the system, logs, etc. Not even the version of Debian.
my opinion, it is like a dog barking at night and nothing is there.
I have a very low opinion of this type of post. Maybe I am rude, but I am being honest.
I installed its, actually, not 1 year... like 6 month ago. In that moment last version was 9 probably.
And how I can get logs ?
Boot through flash ?

cronoik
Posts: 310
Joined: 2015-05-20 21:17

Re: The wrong password after have been using 1 year.

#4 Post by cronoik »

Which desktop environment do you use? Please enter your password in the username field to see if the keyboard layout is set correctly.
Have a nice day!

Rtf
Posts: 7
Joined: 2018-03-02 15:16

Re: The wrong password after have been using 1 year.

#5 Post by Rtf »

cronoik wrote:Which desktop environment do you use? Please enter your password in the username field to see if the keyboard layout is set correctly.
Its not issue of layout. I've tried everything.
desctop is Cinnamon.

jibberjabber
Posts: 162
Joined: 2016-01-10 16:58

Re: The wrong password after have been using 1 year.

#6 Post by jibberjabber »

In that moment last version was 9 probably.
Probably ? but you are not sure,... is this really your PC ?

I've tried everything.

Did you try doing some searches first ? Did you try what was suggested ?
If you type the password into the username box, it will show what you are typing,
it is possible something is not getting typed correctly.

And how I can get logs ?
Boot through flash ?
Yes, that would be one way, use a usb live system, or live CD, you can also access as root
if you boot in single user mode;
Search, key words: 'How to boot Debian in single user mode', there also a several threads/topics on the forum where it has been explained , how to access and reset a new password, which if you think some one has accessed, or hacked your system, you should definitely change the passwords, both root, and the user.
Actually , if you really know, some one has hacked your system, or that it has been compromised, it would be best to wipe the drive and install a new system, make a back up copy of the data you need to save.
Maybe read the link in GarryRicketons' signature:
http://forums.debian.net/viewtopic.php?f=30&t=47078
written by HelpBot#8453
Alias jibberjabber
I am sorry, my english is not that good, and I sometimes have other problems,so my response might not be perfect.
N5RLX > "Jibber jabber ,all day and all night, jibber jabber jibber jabber"

User avatar
debiman
Posts: 3063
Joined: 2013-03-12 07:18

Re: The wrong password after have been using 1 year.

#7 Post by debiman »

Rtf wrote:Sometimes when I used Skype its popup message: "Lets reload your desktop environment". And everything behind skype windows is disappeared.
At once Ive pressed "Agree", but all the next time when its appear again I just reload whole system.
this sounds very, very wrong.
no third party software should be doing this on a gnu/linux install.
maybe you really have been pwned.
i wonder how you installed skype?

i think you should be using some low-maintenance newbie friendly distro, maybe *buntu or mint.

Rtf
Posts: 7
Joined: 2018-03-02 15:16

Re: The wrong password after have been using 1 year.

#8 Post by Rtf »

Skype was dawnloaded from Microsoft site.
Debian live CD from this site.

So Something weird.
Ive tried whole month to get acces and it wrote about wrong password.
Today this password is fit. I changed root password and user password (just in case), but I am still upset.
And maybe some trojan or other back-door in system.... so changing passwd - means nothing.

And once time today system is frozen no any reaction to any buttons. That is really not *nix behaviour....
I shouted down and reload again.

Actually my wi-fi point is poor ... I am share it with room-mates. In windows I have Symantec wi-fi privacy tools that provide VPN tunnel directly to Symnatec servers.
Does it exist the same software for *Nix systems particularly for Debian ?

SO you can see I have a lot questions...sorry...

jibberjabber
Posts: 162
Joined: 2016-01-10 16:58

Re: The wrong password after have been using 1 year.

#9 Post by jibberjabber »

In windows I have Symantec wi-fi privacy tools that provide VPN tunnel directly to Symnatec servers.
I don't really care what Windows has, we are talking about Debian here, aren't we ?
Does it exist the same software for *Nix systems particularly for Debian ?
I don't know if Symantec has any Linux software. You could do a search to find that out,
Debian does not have that kind of software in it's repositories, they do have utilities and packages that are for helping to make it more secure, monitoring the networks, connections etc. IP tables is used to make and control a firewall, there also is a package
called "UFW" https://wiki.debian.org/Uncomplicated%2 ... 0%28ufw%29
SO you can see I have a lot questions...sorry...
This : https://wiki.debian.org/SetupGuides/Sec ... alComputer
Goes into a lot of detail, and maybe answers some if not all of your questions,
And maybe some trojan or other back-door in system.... so changing passwd - means nothing.
Again, if you really think your system was compromised , yes , you are right just changing your passwords means nothing, "they", the attacker is all ready in there and probably can see every change you make. You should complete wipe the drive. Then install the OS again.
If you really are concerned about keeping a secure system, Don't install anything from Microsoft, they can not be trusted, if you re-install windows, it is meaning less, because you are re-installing a insecure OS, designed that way by intention. Why do you think they make a OS that is very vulnerable to viruses ? When it is very possible to make a OS pretty secure by default. Debian is relatively secure, by default, right out of the box.
No need for Symanatec, Norton, or any of the expensive propriety, close source programs
written specifically for MS windows. Why does Microsoft continue building a vulnerable OS ? The ant-virus software, companies, are interested in 1 thing, (your security is not that one thing) They support Microsoft, and need Microsoft support, if Windows was secure, there would be no money in that, the Big Money is in the software needed to protect the vulnerable OS, For Microsoft,Norton, Symantec, and there are others, it is more profitable to not sell you a secure OS. Then distribute other forms of mal-ware that is easy to download, easy to install, and then you need to buy a even better Anti virus or anti malware program, made specifically for Microsoft, (MS windows), it is a vicious cycle, and Bill Gates is laughing all the way to the bank.

Here is something, that just scratches the surface:
https://www.cbc.ca/news/technology/nort ... -1.2694494
========================
SO you can see I have a lot questions...sorry...
No problem, but as you can see "Lot's of questions", lead to lot's of topics, and it is
better to stick with 1 question, for 1 problem, in 1 topic.
Today this password is fit. I changed root password and user password (just in case), but I am still upset.
And maybe some trojan or other back-door in system.... so changing passwd - means nothing.
Here you say you did solve the password issue ? and set new ones ?
That is really not *nix behaviour....
Do you really have enough experience with so called "*nix behaviour" to say what is the normal behavior, I don't think so.
Unix, and many (but not all) Unix like systems, behaves the way the administrator configures the system to behave. It sounds like you have no clue about administrating and setting up any Unix like system, which is ok, we all started out not knowing anything.
But how can you know how *nix is supposed to behave, ? I am sure my system behaves entirely different from yours, to start with mine is secure, and NO ms products are used on it, mine behaves quite well, and no need for symantec, norton, etc,... no viruses, etc.
If I did start adding all sorts of MS products, along with the Windows OS, or downloadeing random software, from random websites, claiming it is a Windows program, but re-compiled for Linux,... well, my safe , reliable , secure system would become like yours, and no that is not the way *nix was/is intended to be used. And no it is not Unix, nor Unix like behavior, it starts behaving like all the other MS products, not secure, infected with viruses and mal ware, extremely vulnerable. The choice is yours, use a pure,clean , reliable,secure , *nix distro. Or try to create dual boot mixes, and add all sorts of "risky" software to your machine.
That is about it for now.
written by HelpBot#8453
Alias jibberjabber
I am sorry, my english is not that good, and I sometimes have other problems,so my response might not be perfect.
N5RLX > "Jibber jabber ,all day and all night, jibber jabber jibber jabber"

Rtf
Posts: 7
Joined: 2018-03-02 15:16

Re: The wrong password after have been using 1 year.

#10 Post by Rtf »

So, when I noticed about symantec Wi-Fi privacy software... I mean about secure in Public Wi-Fi network such as protect from Man-in-middle atack.

How it suppose to get same secure in *Nix system ? What software you are use to this purpose ?


The next issue : Whats happen in your forum ? - Why its doesnt have HTTPS connection ?

I tried a few devices all of them show unsecure http connect. Look screenshot: Image

User avatar
GarryRicketson
Posts: 5644
Joined: 2015-01-20 22:16
Location: Durango, Mexico

Re: The wrong password after have been using 1 year.

#11 Post by GarryRicketson »

Nothing new in that question, there are several topics where that has been asked and discussed. If you think https keeps your PC secure you live in a fantasy word.
http://forums.debian.net/viewtopic.php?f=12&t=135067
========================
http://forums.debian.net/viewtopic.php?f=12&t=135350
====================
http://forums.debian.net/viewtopic.php?f=12&t=118960
And there might even be more, those are the first 3 I see.
========================
And then this might be a good read, as well:
http://forums.debian.net/viewtopic.php?f=12&t=136293
Speaking of "google", the other question:
How it suppose to get same secure in *Nix system ?
How to make my Debian PC or Laptop secure
===========================
1 of many hits: https://www.debian.org/doc/manuals/secu ... ian-howto/
============================
If it is a server:
How to keep my Debian server secure
1 of many hits:
https://www.debian.org/doc/manuals/secu ... es.en.html
What software you are use to this purpose ?
No special software, written by companies and developers that hide the truth, in "closed source code" is needed. The commands needed to configure a secure system are all ready there, in the base system, the system admin configures the system as they see fit.
There are some packages in Debian repositories that can be used to help, Like
"UFW" and GUFW for example .
https://lmsptfy.com/?q=Packages%20to%20help%20secure%20my%20Debian%20system
=========
https://www.debian.org/security/
=============================
from:https://www.debian.org/doc/manuals/secu ... es.en.html 5.14.3.1 Using firewall packages

Setting up manually a firewall can be complicated for novice (and sometimes even expert) administrators. However, the free software community has created a number of tools that can be used to easily configure a local firewall. Be forewarned that some of these tools are oriented more towards local-only protection (also known as personal firewall) and some are more versatile and can be used to configure complex rules to protect whole networks.

User avatar
debiman
Posts: 3063
Joined: 2013-03-12 07:18

Re: The wrong password after have been using 1 year.

#12 Post by debiman »

i repeat, what you describe sounds bad.
take some action.
if that action is to not use debian or even linux anymore, fine.
but i can tell you that many, many people use it without any security issues.
Rtf wrote:The next issue : Whats happen in your forum ? - Why its doesnt have HTTPS connection ?
I tried a few devices all of them show unsecure http connect.
it does not require an encrypted connection.
just don't use the same password that you use to secure your bank account, lol.

where "trust" and "security" can be bought for $$$, it is overrated.
there's no need to make the whole internet https.

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: The wrong password after have been using 1 year.

#13 Post by Head_on_a_Stick »

Rtf wrote:So, when I noticed about symantec Wi-Fi privacy software... I mean about secure in Public Wi-Fi network such as protect from Man-in-middle atack.

How it suppose to get same secure in *Nix system ? What software you are use to this purpose ?
I run a local, authenticated nameserver on all my machines.

The stock Debian stable system already includes systemd-resolved and unbound is available in the repositories.
debiman wrote:where "trust" and "security" can be bought for $$$, it is overrated.
+1

We don't need https here.
deadbang

Rtf
Posts: 7
Joined: 2018-03-02 15:16

Re: The wrong password after have been using 1 year.

#14 Post by Rtf »

I run a local, authenticated nameserver on all my machines.
Do you mean - you built whole domain system in you home ?

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: The wrong password after have been using 1 year.

#15 Post by Head_on_a_Stick »

Rtf wrote:you built whole domain system in you home ?
No, I just run a nameserver that checks the IP addresses against an authenticated list.

Both systemd-resolved and unbound are DNSSEC capable:

Code: Select all

empty@alpine:~ $ dig pir.org +dnssec +multi

; <<>> DiG 9.12.2-P1 <<>> pir.org +dnssec +multi
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20269
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;pir.org.		IN A

;; ANSWER SECTION:
pir.org.		300 IN A 97.107.141.235
pir.org.		300 IN RRSIG A 5 2 300 (
				20181015084003 20181001084003 13113 pir.org.
				p/nq6RODwnOcZydORmQcNKMkzD/AXxRpI2VhSkCGAWe8
				gxg17yiBzQg4yFIbdmmM7QX3QFsfpmkgoZTd7WXXPkU4
				VoccJ69/KN7z3nx4d37yWwWmdnkSp9a2kCCVTSRgBFnt
				b5CqziED6NUzikdWkmlNbTneJ/TK6xWljbfajtg= )

;; Query time: 2625 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Oct 01 19:06:59 BST 2018
;; MSG SIZE  rcvd: 219

empty@alpine:~ $ dig www.dnssec-failed.org 

; <<>> DiG 9.12.2-P1 <<>> www.dnssec-failed.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 51129
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.dnssec-failed.org.		IN	A

;; Query time: 3865 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Oct 01 19:07:18 BST 2018
;; MSG SIZE  rcvd: 50

empty@alpine:~ $
deadbang

Rtf
Posts: 7
Joined: 2018-03-02 15:16

Re: The wrong password after have been using 1 year.

#16 Post by Rtf »

No, I just run a nameserver that checks the IP addresses against an authenticated list.
Not clear got what that mean. I know in antispam system use checking back zone to resolve name of mail server. Is it something like this ?

Whatever, where is suppose to get some realy good courses for study linux... for study security in linux ?
I mean not courses for hiring like administrator but like advanced user ?
Thanks!

Post Reply