ATTENTION: Virus, spy-ware, or harmless?

Questions about other topics - please check if your question fits better in another category before posting here
Forum rules
Before you post please read this

Re: Problem remains

Postby Dr.U on Fri Jan 05, 2007 6:46 pm

scorp123 wrote:
Dr.U wrote:### Contents of /etc/hosts ###

127.0.0.1 localhost
127.0.1.1 woody.schwarzwald
Change this to:
Code: Select all
127.0.0.1 localhost localhost.localdomain yourmachineshostname
The line 127.0.1.1 can be commented out.

Dr.U wrote:# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
I suppose you're not using IPv6? OK, comment all those lines out.

Dr.U wrote:### Contents of /etc/resolv.conf ###
domain schwarzwald
Shouldn't that be schwarzwald.de or something like that? Or maybe the DNS domain of your provider?

Dr.U wrote:### Contents of /etc/network/interfaces ###

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 192.168.16.2
netmask 255.255.255.0
gateway 192.168.16.1

auto eth1
iface eth1 inet dhcp

auto eth2
iface eth2 inet dhcp

auto ath0
iface ath0 inet dhcp

auto wlan0
iface wlan0 inet dhcp
Are you sure the number of Ethernet interfaces shown here is right? You have three of them! One set to static and the other two to DHCP? What happens if you comment out those apparently unneeded lines?


Thank you for your attention to this problem(s)! I have made the changes you suggested to hosts and, since I deactivated IPv6 it probably isn't necessary to comment out the remaining IPv6-related lines, but I'll do it anyway just to be sure!

As for the the resolv.conf contents, I am not using DHCP but a local network (with a static IP) called schwarzwald because that is the name of the workgroup on my wife's M$ Windows machine that is on our LAN -- although I never use this LAN to communicate with that box nor does she use her machine to talk with mine. Still I enter it always just in case we decide it is necessary for the two machines to communicate with each other in the future. I do not have a steady provider. I use various call-up providers (internet call-by-call is what it is called here) depending on the time of day and their per-minute charges.

As for the other ethernet interfaces: they are entered by default in Ubuntu and also other distro network configurations. They are not used (note that they do not have any addresses associated with them, and I only have one ethernet card in my machine; also the "Devices - Network Tools" app only shows one wired device: eth0). But again, just to be sure: I will remove them too.

Regards,
-- Dr.U
User avatar
Dr.U
Level 2
Level 2
 
Posts: 65
Joined: Wed Jan 03, 2007 10:24 am
Location: Ettlingen, Germany

Linux Mint is funded by ads and donations.
 

Re: ATTENTION: Virus, spy-ware, or harmless?

Postby Dr.U on Fri Jan 05, 2007 6:54 pm

npap wrote:Hello Dr.U,
I too have noticed my eth0 network connection blinking madly at statrup, as if I'm downloading something.
It got me worried too. So I installed the Firestarter firewall (it is configurable). And in order to see what's going out or coming in, I installed a nice network monitor package called KnetDockApp.

They both can be found in Synaptic.
Greetings,
npap


Thanks for the tips npap! You probably know that checks are made automatically at start up to some NTP (Network Time Protocol?) server(s) in order to synchronize your clock. I'm not sure how to turn that off, but I'm sure someone in this forum could tell us how to do that.

I'll check out the KnetDockApp, but if it requires installing lots of KDE libraries, then I will look around for something else. I guess that I should also look into setting up a firewall with Firestarter (groan, I hate having to do this stuff: why is it necessary with LinuxMint but not with Edubuntu?).

Again, thank you very much.

Regards,
-- Dr.U
User avatar
Dr.U
Level 2
Level 2
 
Posts: 65
Joined: Wed Jan 03, 2007 10:24 am
Location: Ettlingen, Germany

Re: Problem remains

Postby scorp123 on Fri Jan 05, 2007 7:30 pm

Dr.U wrote: I am not using DHCP but a local network (with a static IP) called schwarzwald because that is the name of the workgroup on my wife's M$ Windows machine that is on our LAN
That's why I f***ing hate Microsoft. They kidnap terms and terminology and then everyone thinks that this is the same stuff: resolv.conf is about TCP/IP .. NOT about Microsoft's broken and braindead networking non-standards. When someone says domain or domain name then this means DNS. Stuff like linuxmint.com, ubuntu.org, google.com, and so on. This has nothing whatsoever to do with Microsoft "Workgroups" or "Windows Domains". In theory you could make something up here, e.g. dr.u.net or schwarzwald.linuxmint.net or you could use the real domain name of your Internet Service Provider, e.g. t-online.de or arcor.de or whatever it is in your case. No matter what you set here, this has no influence over whether or not SAMBA and Windows Networking will work or not. These two topics use entirely separate settings. We are talking TCP/IP and DNS here. NOT Windows Networking. OK? :D

Dr.U wrote: although I never use this LAN to communicate with that box nor does she use her machine to talk with mine. Still I enter it always just in case we decide it is necessary for the two machines to communicate with each other in the future.
Please read above. Setting your DNS settings to the same value as your Windows Network is not going to help (or harm) in any way, this has absolutely no influence at all. Just to make sure we talked about this :lol:

Dr.U wrote: I do not have a steady provider.
Why no broadband?? It's much much cheaper and waaaaay faster. :wink: And given the speeds and prices you get offered in Germany you should easily find a plan that would suit you. When I see the ADSL speeds you can get in Germany I really sometimes want to massacrate those morons here at Swisscom (our ex-state owned monopoly ... still a monopoly !!) for not giving us ADSL users more speed. The only alternative here is Cablecom (a monopoly too!), and their stuff connects via the TV connector, eg. you get a so called "cable modem" ... but their service so totally sucks IMHO that so far I see no choice but to stay with Swisscom. Their ADSL offering is a bit slower than Cablecom but at least their service is 1st class. You however in Germany have sooooo many providers to select from .... So why bother with ISDN? :?

Dr.U wrote: NTP (Network Time Protocol?)
Check the boot scripts ... On my system I have this menu: System ==> Administration ==> BootUp Manager ... You can take a look at it and see if you find anything that says something about ntp ... But watch out! Do not disable any service unless you really really know what you do! You might cripple your system if you disable vital stuff!

Regards,
Scorp123
User avatar
scorp123
Level 8
Level 8
 
Posts: 2287
Joined: Sat Dec 02, 2006 4:19 pm
Location: Switzerland

Re: ATTENTION: Virus, spy-ware, or harmless?

Postby rlozano on Sat Jan 06, 2007 1:59 am

Dr.U wrote:
npap wrote:Hello Dr.U,
I too have noticed my eth0 network connection blinking madly at statrup, as if I'm downloading something.
It got me worried too. So I installed the Firestarter firewall (it is configurable). And in order to see what's going out or coming in, I installed a nice network monitor package called KnetDockApp.

They both can be found in Synaptic.
Greetings,
npap


Thanks for the tips npap! You probably know that checks are made automatically at start up to some NTP (Network Time Protocol?) server(s) in order to synchronize your clock. I'm not sure how to turn that off, but I'm sure someone in this forum could tell us how to do that.

I'll check out the KnetDockApp, but if it requires installing lots of KDE libraries, then I will look around for something else. I guess that I should also look into setting up a firewall with Firestarter (groan, I hate having to do this stuff: why is it necessary with LinuxMint but not with Edubuntu?).

Again, thank you very much.

Regards,
-- Dr.U


if you don't want that application given by npap to monitor your internet activity, try installing bmon. its a terminal base bandwidth monitor, and you can see from there which one has an activity.

you can install bmon, using the add/remove option in the internet section or from the terminal, you can type sudo aptitude install bmon. once installed, open a terminal and type bmon.

to make things sure, i suggest that you install a firewall, but in my case, i have 3 machines witn mint on, and i have not experience your scenario.

also, you may want to check using the configuration-editor to see your nautilus configuration, under the apps-->nautilus section, and try t find out if there's any setting that makes your nautilus access remotely. most of the options there should be local_only.

hope this helps...
User avatar
rlozano
Level 2
Level 2
 
Posts: 67
Joined: Tue Dec 19, 2006 7:57 am

SOLVED!!!!

Postby Dr.U on Sat Jan 06, 2007 8:09 am

I am extremely pleased to announce that the problems with Gnome apps opening internet connections when they are started, and Gnome apps being very slow when the router is turned off, seem to be solved :D

I did three changes, as suggested: in the file /etc/network/interfaces I commented out the lines for "eth1", "eth2", "ath0" and "wlan0" (and the single line following each entry too); in the file /etc/hosts I made the suggested changes, and in the file /etc/resolv.conf I removed the domain reference. I don't know which of these changes was the decisive change, and I don't feel like going back and doing them one at time to find out (unless someone out there really wants to know). So:

Thank you, everyone, for your time and help in solving this!!!

This shows that Linux Mint has a concerned, patient and intelligent community, that doesn't make degrading remarks to non-gurus (like myself). Bravo! :D

Now on to some replies:

scorp123 wrote:
Dr.U wrote: I am not using DHCP but a local network (with a static IP) called schwarzwald because that is the name of the workgroup on my wife's M$ Windows machine that is on our LAN
That's why I f***ing hate Microsoft. They kidnap terms and terminology and then everyone thinks that this is the same stuff: resolv.conf is about TCP/IP .. NOT about Microsoft's broken and braindead networking non-standards. When someone says domain or domain name then this means DNS. Stuff like linuxmint.com, ubuntu.org, google.com, and so on. This has nothing whatsoever to do with Microsoft "Workgroups" or "Windows Domains". In theory you could make something up here, e.g. dr.u.net or schwarzwald.linuxmint.net or you could use the real domain name of your Internet Service Provider, e.g. t-online.de or arcor.de or whatever it is in your case. No matter what you set here, this has no influence over whether or not SAMBA and Windows Networking will work or not. These two topics use entirely separate settings. We are talking TCP/IP and DNS here. NOT Windows Networking. OK? :D


Thanks for the info, scorp! No one ever told me this and never have I seen it listed anywhere. Indeed, I am pretty sure that I once found info that started me in this incorrect direction in some Linux mag article about networking (long ago, mind you).

scorp123 wrote:
Dr.U wrote: I do not have a steady provider.
Why no broadband?? It's much much cheaper and waaaaay faster. :wink: And given the speeds and prices you get offered in Germany you should easily find a plan that would suit you. When I see the ADSL speeds you can get in Germany I really sometimes want to massacrate those morons here at Swisscom (our ex-state owned monopoly ... still a monopoly !!) for not giving us ADSL users more speed. The only alternative here is Cablecom (a monopoly too!), and their stuff connects via the TV connector, eg. you get a so called "cable modem" ... but their service so totally sucks IMHO that so far I see no choice but to stay with Swisscom. Their ADSL offering is a bit slower than Cablecom but at least their service is 1st class. You however in Germany have sooooo many providers to select from .... So why bother with ISDN? :?


Theoretically, you are right. Practically, the German telecom still has too much power and control over telecommunication in Germany, and has absolutely terrible service/business practices. One example (actually this happened to 2 of my friends, about 12 months apart, and I have seen reports about this and similar problems on television), my friend had TDSL (DSL from the Deutsche Telecom) and sent them a letter terminating the service and switching it to another DSL provider (that is a re-saler that uses the Deutsche Telekom lines). As a reply from the D. Telekom, she gets a letter thanking her for her "new" subscription to TDSL!! Her bank account is now being zapped from both the new provider and the Deutsche Telekom (hereafter called DT)!! The DT said that they are "sorry" for this error and that it will be corrected. This has continued now for over two months with no correction yet. The other friends needed over six months before the DT stopped trying to zap their bank account (they blocked the account after the first withdrawal), another 6 months before the money was transferred back (without interest, of course), and during this time regularly sent letters threatening legal action against my friends for blocking the bank account.

For me the DT is poison and I will never risk trying any product from them -- rather a slow ISDN than Kafka-like nightmares!! Besides, our relatively new penthouse flat that we bought in 1999 has glass-fiber lines (not copper) and, although the DT has now a technology that is even faster than DSL for such lines they have stopped installing it (after only installing it the cities that hosted the recent soccer world championship games). They have no current plans to restart installations (according to their customer service), and (according to news reports) they are stalling in an attempt to put pressure on the regulating authorities to ease up on cutbacks of the DTs existing market advantages (accrued from their previous monopoly) -- sounds like they are following the well-known examples of Mr. Bill Gates.

scorp123 wrote:
Dr.U wrote: NTP (Network Time Protocol?)
Check the boot scripts ... On my system I have this menu: System ==> Administration ==> BootUp Manager ... You can take a look at it and see if you find anything that says something about ntp ... But watch out! Do not disable any service unless you really really know what you do! You might cripple your system if you disable vital stuff!

Regards,
Scorp123


Thanks for the tips. I'll check and see what I can find.

Regards,
-- Dr.U
User avatar
Dr.U
Level 2
Level 2
 
Posts: 65
Joined: Wed Jan 03, 2007 10:24 am
Location: Ettlingen, Germany

Re: ATTENTION: Virus, spy-ware, or harmless?

Postby Dr.U on Sat Jan 06, 2007 8:17 am

rlozano wrote:
Dr.U wrote:
npap wrote:Hello Dr.U,
I too have noticed my eth0 network connection blinking madly at statrup, as if I'm downloading something.
It got me worried too. So I installed the Firestarter firewall (it is configurable). And in order to see what's going out or coming in, I installed a nice network monitor package called KnetDockApp.

They both can be found in Synaptic.
Greetings,
npap


Thanks for the tips npap! You probably know that checks are made automatically at start up to some NTP (Network Time Protocol?) server(s) in order to synchronize your clock. I'm not sure how to turn that off, but I'm sure someone in this forum could tell us how to do that.

I'll check out the KnetDockApp, but if it requires installing lots of KDE libraries, then I will look around for something else. I guess that I should also look into setting up a firewall with Firestarter (groan, I hate having to do this stuff: why is it necessary with LinuxMint but not with Edubuntu?).


if you don't want that application given by npap to monitor your internet activity, try installing bmon. its a terminal base bandwidth monitor, and you can see from there which one has an activity.

you can install bmon, using the add/remove option in the internet section or from the terminal, you can type sudo aptitude install bmon. once installed, open a terminal and type bmon.

to make things sure, i suggest that you install a firewall, but in my case, i have 3 machines witn mint on, and i have not experience your scenario.

also, you may want to check using the configuration-editor to see your nautilus configuration, under the apps-->nautilus section, and try t find out if there's any setting that makes your nautilus access remotely. most of the options there should be local_only.

hope this helps...


As you have now seen, my problem seems to be history. But, I will now be checking out bmon anyway. Sounds good. 8)

Thanks for your time and effort!!

Regards,
-- Dr.U
User avatar
Dr.U
Level 2
Level 2
 
Posts: 65
Joined: Wed Jan 03, 2007 10:24 am
Location: Ettlingen, Germany

Postby rlozano on Mon Jan 08, 2007 8:56 pm

congrats to you then! you have solved the problem already and you are comfortably using your mint... :-)
User avatar
rlozano
Level 2
Level 2
 
Posts: 67
Joined: Tue Dec 19, 2006 7:57 am

Linux Mint is funded by ads and donations.
 
Previous

Return to Other topics

Who is online

Users browsing this forum: No registered users and 4 guests