-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Content-ID: <25f8284e-f352-c68d-6fdf-9f1c115fccc1@Telcontar.valinor> On Wednesday, 2021-02-03 at 14:08 -0500, Doug McGarrett wrote:
On 2/3/21 5:25 AM, Carlos E. R. wrote:
On 03/02/2021 07.53, doug mack wrote:
This is probably off-topic, but I have evidence that my machine has been hacked. When trying to access
CUPS I get a message that says in effect that it is a security issue and does not complete. This hack probably
occurred in the last 3 or 4 days, and I apologize for any messages sent to the list from the Linux partition--
I may have sent one or two before finding the situation. I am writing this from Windows (ugh!) after running
Avast Security on this partition. There is no AV software on the Linux partition, and I am having a terrible time
trying to get and install something along this line. The closest I came is Eset, which requires a 32-bit lib, which
I have found, and downloaded, but I'm not sure how to install it. (This is a 32-bit lib on a 64-bit file, somehow.
Eset will not let me proceed without this.) If someone would like to assist, I will open the Linux system, write
down as best I can what I am trying to do and then post it here in Windows, so as not to send any malware to
the list. What evidence do you have of being hacked?
Reporting from Linux--hope that I am not sending malware with this post!
1. I attempted to access CUPS and got a message that there was a security problem, and I could not access CUPS. (I just accessed CUPS today, from the older system I am now running, and it works. Maybe I did something wrong the last time and it complained--it was quite late at nite.)
That sdecurity message is NOT indicative of any problem whatsoever. You must learn to read correctly the messages. There is no security issue at all in there. You probably accessed <https://localhost:631/> instead of <http://localhost:631/> and you got this expected error: +++···················· Warning: Potential Security Risk Ahead Firefox detected a potential security threat and did not continue to localhost. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details. Learn more... [Go back (reccomended)] [Advanced] ····················++- This, in this case, means NOTHING.
2. Went to reboot machine and it barfed. I had to select the second boot option, and select an earlier system, which I am now using.
Well, you are always getting problems...
3. In the last two days have received email stating that an order was received from me to Amazon for a $3000 camera, and that it would be delivered Wednesday, along with a phone number to cancel the order. I did not place such an order, and called Amazon to straighten this out, which they did. It had my full name on it. I forget if it had my house address. Then I got an email for something--I forget what--that would renew annually at a cost of $500, again with a phone number to cancel. I deleted it. Wrote it up on Kate, but apparently Windows Kate file is not readable from Linux.
Who knows why you got that. Probably not related to your Linux. I hope that you did not phone the number you got on the email, as that could be another scam... Of course, you must change your Amazon credentials.
So maybe this version of the OS is not hacked--I hope not--but that's the story. Would still like to install Eset AV program, which requires glibc locale-32bit. This is supposed to be available at https://opensuse.pkgs.org/tumbleweed/opensuse-oss-x86_64/glibc-locale-base-3... but I can't figure out how to download the file. --doug
As almost always, you only need to stop searching internet, and search in yast instead for "glibc-locale-base-32bit". - -- Cheers, Carlos E. R. (from openSUSE 15.2 x86_64 at Telcontar) -----BEGIN PGP SIGNATURE----- iHoEARECADoWIQQZEb51mJKK1KpcU/W1MxgcbY1H1QUCYBsSmxwccm9iaW4ubGlz dGFzQHRlbGVmb25pY2EubmV0AAoJELUzGBxtjUfVSfIAn3D/x10YUrmyAFSx7Blv lErRgEJiAJwOf3hNz7XvMow4IEL2texWNqtiPw== =sI0t -----END PGP SIGNATURE-----