ATTENTION: Virus, spy-ware, or harmless?

Questions about other topics - please check if your question fits better in another category before posting here
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
User avatar
Dr.U
Level 2
Level 2
Posts: 64
Joined: Wed Jan 03, 2007 10:24 am
Location: Ettlingen, Germany

Re: ATTENTION: Virus, spy-ware, or harmless?

Post by Dr.U »

npap wrote: Hello Dr.U,
I too have noticed my eth0 network connection blinking madly at statrup, as if I'm downloading something.
It got me worried too. So I installed the Firestarter firewall (it is configurable). And in order to see what's going out or coming in, I installed a nice network monitor package called KnetDockApp.

They both can be found in Synaptic.
Greetings,
npap
Thanks for the tips npap! You probably know that checks are made automatically at start up to some NTP (Network Time Protocol?) server(s) in order to synchronize your clock. I'm not sure how to turn that off, but I'm sure someone in this forum could tell us how to do that.

I'll check out the KnetDockApp, but if it requires installing lots of KDE libraries, then I will look around for something else. I guess that I should also look into setting up a firewall with Firestarter (groan, I hate having to do this stuff: why is it necessary with LinuxMint but not with Edubuntu?).

Again, thank you very much.

Regards,
-- Dr.U
scorp123
Level 8
Level 8
Posts: 2272
Joined: Sat Dec 02, 2006 4:19 pm
Location: Switzerland

Re: Problem remains

Post by scorp123 »

Dr.U wrote: I am not using DHCP but a local network (with a static IP) called schwarzwald because that is the name of the workgroup on my wife's M$ Windows machine that is on our LAN
That's why I f***ing hate Microsoft. They kidnap terms and terminology and then everyone thinks that this is the same stuff: resolv.conf is about TCP/IP .. NOT about Microsoft's broken and braindead networking non-standards. When someone says domain or domain name then this means DNS. Stuff like linuxmint.com, ubuntu.org, google.com, and so on. This has nothing whatsoever to do with Microsoft "Workgroups" or "Windows Domains". In theory you could make something up here, e.g. dr.u.net or schwarzwald.linuxmint.net or you could use the real domain name of your Internet Service Provider, e.g. t-online.de or arcor.de or whatever it is in your case. No matter what you set here, this has no influence over whether or not SAMBA and Windows Networking will work or not. These two topics use entirely separate settings. We are talking TCP/IP and DNS here. NOT Windows Networking. OK? :D
Dr.U wrote: although I never use this LAN to communicate with that box nor does she use her machine to talk with mine. Still I enter it always just in case we decide it is necessary for the two machines to communicate with each other in the future.
Please read above. Setting your DNS settings to the same value as your Windows Network is not going to help (or harm) in any way, this has absolutely no influence at all. Just to make sure we talked about this :lol:
Dr.U wrote: I do not have a steady provider.
Why no broadband?? It's much much cheaper and waaaaay faster. :wink: And given the speeds and prices you get offered in Germany you should easily find a plan that would suit you. When I see the ADSL speeds you can get in Germany I really sometimes want to massacrate those morons here at Swisscom (our ex-state owned monopoly ... still a monopoly !!) for not giving us ADSL users more speed. The only alternative here is Cablecom (a monopoly too!), and their stuff connects via the TV connector, eg. you get a so called "cable modem" ... but their service so totally sucks IMHO that so far I see no choice but to stay with Swisscom. Their ADSL offering is a bit slower than Cablecom but at least their service is 1st class. You however in Germany have sooooo many providers to select from .... So why bother with ISDN? :?
Dr.U wrote: NTP (Network Time Protocol?)
Check the boot scripts ... On my system I have this menu: System ==> Administration ==> BootUp Manager ... You can take a look at it and see if you find anything that says something about ntp ... But watch out! Do not disable any service unless you really really know what you do! You might cripple your system if you disable vital stuff!

Regards,
Scorp123
User avatar
Dr.U
Level 2
Level 2
Posts: 64
Joined: Wed Jan 03, 2007 10:24 am
Location: Ettlingen, Germany

SOLVED!!!!

Post by Dr.U »

I am extremely pleased to announce that the problems with Gnome apps opening internet connections when they are started, and Gnome apps being very slow when the router is turned off, seem to be solved :D

I did three changes, as suggested: in the file /etc/network/interfaces I commented out the lines for "eth1", "eth2", "ath0" and "wlan0" (and the single line following each entry too); in the file /etc/hosts I made the suggested changes, and in the file /etc/resolv.conf I removed the domain reference. I don't know which of these changes was the decisive change, and I don't feel like going back and doing them one at time to find out (unless someone out there really wants to know). So:

Thank you, everyone, for your time and help in solving this!!!

This shows that Linux Mint has a concerned, patient and intelligent community, that doesn't make degrading remarks to non-gurus (like myself). Bravo! :D

Now on to some replies:
scorp123 wrote:
Dr.U wrote: I am not using DHCP but a local network (with a static IP) called schwarzwald because that is the name of the workgroup on my wife's M$ Windows machine that is on our LAN
That's why I f***ing hate Microsoft. They kidnap terms and terminology and then everyone thinks that this is the same stuff: resolv.conf is about TCP/IP .. NOT about Microsoft's broken and braindead networking non-standards. When someone says domain or domain name then this means DNS. Stuff like linuxmint.com, ubuntu.org, google.com, and so on. This has nothing whatsoever to do with Microsoft "Workgroups" or "Windows Domains". In theory you could make something up here, e.g. dr.u.net or schwarzwald.linuxmint.net or you could use the real domain name of your Internet Service Provider, e.g. t-online.de or arcor.de or whatever it is in your case. No matter what you set here, this has no influence over whether or not SAMBA and Windows Networking will work or not. These two topics use entirely separate settings. We are talking TCP/IP and DNS here. NOT Windows Networking. OK? :D
Thanks for the info, scorp! No one ever told me this and never have I seen it listed anywhere. Indeed, I am pretty sure that I once found info that started me in this incorrect direction in some Linux mag article about networking (long ago, mind you).
scorp123 wrote:
Dr.U wrote: I do not have a steady provider.
Why no broadband?? It's much much cheaper and waaaaay faster. :wink: And given the speeds and prices you get offered in Germany you should easily find a plan that would suit you. When I see the ADSL speeds you can get in Germany I really sometimes want to massacrate those morons here at Swisscom (our ex-state owned monopoly ... still a monopoly !!) for not giving us ADSL users more speed. The only alternative here is Cablecom (a monopoly too!), and their stuff connects via the TV connector, eg. you get a so called "cable modem" ... but their service so totally sucks IMHO that so far I see no choice but to stay with Swisscom. Their ADSL offering is a bit slower than Cablecom but at least their service is 1st class. You however in Germany have sooooo many providers to select from .... So why bother with ISDN? :?
Theoretically, you are right. Practically, the German telecom still has too much power and control over telecommunication in Germany, and has absolutely terrible service/business practices. One example (actually this happened to 2 of my friends, about 12 months apart, and I have seen reports about this and similar problems on television), my friend had TDSL (DSL from the Deutsche Telecom) and sent them a letter terminating the service and switching it to another DSL provider (that is a re-saler that uses the Deutsche Telekom lines). As a reply from the D. Telekom, she gets a letter thanking her for her "new" subscription to TDSL!! Her bank account is now being zapped from both the new provider and the Deutsche Telekom (hereafter called DT)!! The DT said that they are "sorry" for this error and that it will be corrected. This has continued now for over two months with no correction yet. The other friends needed over six months before the DT stopped trying to zap their bank account (they blocked the account after the first withdrawal), another 6 months before the money was transferred back (without interest, of course), and during this time regularly sent letters threatening legal action against my friends for blocking the bank account.

For me the DT is poison and I will never risk trying any product from them -- rather a slow ISDN than Kafka-like nightmares!! Besides, our relatively new penthouse flat that we bought in 1999 has glass-fiber lines (not copper) and, although the DT has now a technology that is even faster than DSL for such lines they have stopped installing it (after only installing it the cities that hosted the recent soccer world championship games). They have no current plans to restart installations (according to their customer service), and (according to news reports) they are stalling in an attempt to put pressure on the regulating authorities to ease up on cutbacks of the DTs existing market advantages (accrued from their previous monopoly) -- sounds like they are following the well-known examples of Mr. Bill Gates.
scorp123 wrote:
Dr.U wrote: NTP (Network Time Protocol?)
Check the boot scripts ... On my system I have this menu: System ==> Administration ==> BootUp Manager ... You can take a look at it and see if you find anything that says something about ntp ... But watch out! Do not disable any service unless you really really know what you do! You might cripple your system if you disable vital stuff!

Regards,
Scorp123
Thanks for the tips. I'll check and see what I can find.

Regards,
-- Dr.U
User avatar
Dr.U
Level 2
Level 2
Posts: 64
Joined: Wed Jan 03, 2007 10:24 am
Location: Ettlingen, Germany

Re: ATTENTION: Virus, spy-ware, or harmless?

Post by Dr.U »

rlozano wrote:
Dr.U wrote:
npap wrote: Hello Dr.U,
I too have noticed my eth0 network connection blinking madly at statrup, as if I'm downloading something.
It got me worried too. So I installed the Firestarter firewall (it is configurable). And in order to see what's going out or coming in, I installed a nice network monitor package called KnetDockApp.

They both can be found in Synaptic.
Greetings,
npap
Thanks for the tips npap! You probably know that checks are made automatically at start up to some NTP (Network Time Protocol?) server(s) in order to synchronize your clock. I'm not sure how to turn that off, but I'm sure someone in this forum could tell us how to do that.

I'll check out the KnetDockApp, but if it requires installing lots of KDE libraries, then I will look around for something else. I guess that I should also look into setting up a firewall with Firestarter (groan, I hate having to do this stuff: why is it necessary with LinuxMint but not with Edubuntu?).
if you don't want that application given by npap to monitor your internet activity, try installing bmon. its a terminal base bandwidth monitor, and you can see from there which one has an activity.

you can install bmon, using the add/remove option in the internet section or from the terminal, you can type sudo aptitude install bmon. once installed, open a terminal and type bmon.

to make things sure, i suggest that you install a firewall, but in my case, i have 3 machines witn mint on, and i have not experience your scenario.

also, you may want to check using the configuration-editor to see your nautilus configuration, under the apps-->nautilus section, and try t find out if there's any setting that makes your nautilus access remotely. most of the options there should be local_only.

hope this helps...
As you have now seen, my problem seems to be history. But, I will now be checking out bmon anyway. Sounds good. 8)

Thanks for your time and effort!!

Regards,
-- Dr.U
Locked

Return to “Other topics”