On Friday, April 11, 2014 10:53:17 AM Joachim Schrod wrote:
On 04/11/14 07:14, C. Brouerius van Nidek wrote:
On Thursday, April 10, 2014 10:22:44 PM Joachim Schrod wrote:
On 04/10/14 18:24, C. Brouerius van Nidek wrote:
Where should I start looking for this problem?
Small additional side question. My wife's Windows computer also got the problem. She is still on Windows but the change to Linux looms :).
She was at least instructed not to update any files so no virus for the time being.
Where do I find the changed suspicious DNS ? Anybody within reach with a basic understanding of Windows? The last Windows I worked with was the version 3.1.1.
Do you have a router that gives out IP addresses for your home network? [...]
Then the problematic DNS entry is handed out by your router. As Marcus and Andreas wrote, quite some routers (especially AVM Fritz-Boxes) recently had a serious vulnerability that is actively exploited.
I am using ifup because it worked from installation on. Never bothered to work with NetworkManager. Would that have spared me the actual problems?
No, it would have made it more complicated.
With networking I am a total novice. I have at the moment three computers connected on one router, a TP-Link TD-8840T. I have never started to connect the three via the router so I assume that they all separately connect to the internet.
Yes, via the router. The router hands out IP addresses and also tells your three computers the DNS server that caused the problem. (Since you are a total novice: DNS is the service that maps host names like www.google.com to IP addresses like 74.125.143.106.)
Next step is: Use http://www.router-backdoor.de/?lang=en to check if your router has the currently exploited vulnerability.
Port 32764 backdoor is not provided. That one intrusion possibility crossed of the list. Gruss, Constant -- Linux User 183145 using KDE4 and LXDE on a Pentium IV , powered by openSUSE 13.1 (i586) Kernel: 3.14.0-23.gfa168d7-default KDE Development Platform: 4.12.4 17:52pm up 1 day 1:35, 3 users, load average: 1.55, 1.26, 1.01 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org