On Thursday, April 10, 2014 05:29:00 PM Andreas Seeg wrote:
Hi,
Where should I start looking for this problem?
maybe your router/cable box was compromised, and they added a different DNS service or added a proxy server? AVM Fritzbox routers have been in the news because of security issues recently. If that is the case, other devices (smartphones, etc) should show the same problem.
Same could be true for your client. Check your local /etc/resolv.conf for a suspicious DNS entry, or just try changing the IP to 8.8.8.8 (That's a dns server run by google, I'd only use it to test stuff). Also check if HTTP_PROXY is set (env | grep -i http), and if firefox or chromium have a proxy entry in their settings.
If your box was compromised, your best bet should be a reinstall. Make a backup beforehand, especially if you are interested in what went wrong.
This wasn't an exhaustive list of things to check, and I probably forgot a few things. But it's a start :)
Greetings,
Andreas
Thanks Andreas and Marcus. Had a look at /etc/resolv.conf annd found following changes. In two other (reserve setup from opensuse (both 13.1 normal update)I found that after the line ### Please remove (at least) this line when you modify the file! there were no additions. On the problem Thumbnail setup I found nameserver 68.168.98.196 nameserver 8.8.8.8 Removed the first name server and google worked as advertised. At least I have now a working computer but what could I do to prevent anything of the same and are there any other place s where some nasties could hide? :) Again, thanks again for the fast first aid. Constant -- Linux User 183145 using KDE4 and LXDE on a Pentium IV , powered by openSUSE 13.1 (i586) Kernel: 3.14.0-23.gfa168d7-default KDE Development Platform: 4.12.4 22:47pm up 6:30, 3 users, load average: 1.61, 1.49, 1.23 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org