Hi, I am online at the moment at a foreign location (for me, not for the people who live here) and when I selected an website in my browser's history list and entered it, up popped an all-black browser window that I wasn't expecting. It reads: /www.g00ns.net owns you Anon7192 owns you. Get secure. irc.g00ns.net #g00ns if you wish to chat =D http://g00ns-forum.net / I immediately ran rkhunter, chkrootkit, and Klamav all with negative results. / /I am not sure what to do, has my system been breached? / / -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tue, 2008-03-25 at 23:09 -0400, Mark Misulich wrote:
Hi, I am online at the moment at a foreign location (for me, not for the people who live here) and when I selected an website in my browser's history list and entered it, up popped an all-black browser window that I wasn't expecting. It reads:
/www.g00ns.net owns you
Anon7192 owns you. Get secure.
irc.g00ns.net #g00ns if you wish to chat =D
/ I immediately ran rkhunter, chkrootkit, and Klamav all with negative results. /
/I am not sure what to do, has my system been breached?
Hard to say My immediate guess is that it's the web site you were trying to reach that's been hacked. Or do you get the same site for all addresses you try? If you do, try "host <address>" from a command line, where <address> is the host you're trying to reach. If you get 72.20.26.213, then it's the dns of the ISP that's been hacked Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tue, 25 Mar 2008 23:09:09 -0400, Mark Misulich wrote:
Hi, I am online at the moment at a foreign location (for me, not for the people who live here) and when I selected an website in my browser's history list and entered it, up popped an all-black browser window that I wasn't expecting. It reads:
/www.g00ns.net owns you
Anon7192 owns you. Get secure.
irc.g00ns.net #g00ns if you wish to chat =D
/ I immediately ran rkhunter, chkrootkit, and Klamav all with negative results. /
/I am not sure what to do, has my system been breached? /
/
Could be a DNS server that was compromised. I'd be inclined to try looking up your website's address in the local DNS server and in a known good DNS server (using nslookup) and see if they match/are in the same subnet. Jim -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Mark Misulich wrote:
Hi, I am online at the moment at a foreign location (for me, not for the people who live here) and when I selected an website in my browser's history list and entered it, up popped an all-black browser window that I wasn't expecting. It reads:
/www.g00ns.net owns you
Anon7192 owns you. Get secure.
irc.g00ns.net #g00ns if you wish to chat =D
A browser pop-up is not evidence of being hacked.
/ I immediately ran rkhunter, chkrootkit, and Klamav all with negative results. /
Please don't post in anything other than plain text.
/I am not sure what to do, has my system been breached? /
/
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Sam Clemens wrote:
Mark Misulich wrote:
Hi, I am online at the moment at a foreign location (for me, not for the people who live here) and when I selected an website in my browser's history list and entered it, up popped an all-black browser window that I wasn't expecting. It reads:
/www.g00ns.net owns you
Anon7192 owns you. Get secure.
irc.g00ns.net #g00ns if you wish to chat =D
A browser pop-up is not evidence of being hacked.
/ I immediately ran rkhunter, chkrootkit, and Klamav all with negative results. /
Please don't post in anything other than plain text.
/I am not sure what to do, has my system been breached? /
/
Hi, the browser was not a pop-up (noun), it popped up (verb) as in "The browser window that I was expecting did not appear, a differant website appeared in its place (popped up)." I blame myself for placing it in a form that you didn't recognize. I often forget that most of the world can't read english, the rest can't right it. I did select plain text in the message tools, don't know what happened. I did figure out that the website I was trying to reach had been hacked. Where I was staying I found some employees hacking the company computers on several previous occasions. I was trying to be careful, thanks for all who helped. Mark -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, Mar 26, 2008 at 4:13 PM, Mark Misulich
I often forget that most of the world can't read english, the rest can't right it.
How true. Thank you for demonstrating your own point. -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John Andersen wrote:
On Wed, Mar 26, 2008 at 4:13 PM, Mark Misulich
wrote: I often forget that most of the world can't read english, the rest can't right it.
How true. Thank you for demonstrating your own point.
Yah, meant to be a joke. One can't take this too seriously or one will lose perspective on life. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John Andersen wrote:
On Wed, Mar 26, 2008 at 4:13 PM, Mark Misulich
wrote: I often forget that most of the world can't read english, the rest can't right it.
How true. Thank you for demonstrating your own point.
Yah, meant to be a joke. One can't take this too seriously or one will lose perspective on life. Indeed, just a sidenote: all messages in this "Hijacked?"-Therad were received in
Am Donnerstag, 27. März 2008 00:41:18 schrieb Mark Misulich: plain text only.. Regards Michael
On Wednesday 26 March 2008, Mark Misulich wrote:
www.g00ns.net
Hi . If you check you will find that www.g00ns.net and g00ns-forum.net are 2 completely different sites with the unfortunate problem of having the same name just one is prefixed www thats what you get from lazy browser entrys there are a lot of sites around of a similar nature slashgot (slapshot) is one .. Pete . -- SuSE Linux 10.3-Alpha3. (Linux is like a wigwam - no Gates, no Windows, and an Apache inside.) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (7)
-
Anders Johansson
-
Jim Henderson
-
John Andersen
-
M. Skiba
-
Mark Misulich
-
peter nikolic
-
Sam Clemens