How to avoid hacking under linux?

Questions about other topics - please check if your question fits better in another category before posting here
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Locked
jesse.zwd

How to avoid hacking under linux?

Post by jesse.zwd »

Hi, there

Under Linux Mint, some strange things happened on some computer, some PDF, MP4 files are changed to picture files, which were deleted from the recycle box before. the changed MP4 or PDF files still have the same file name and MP4 or PDF extention, and when you open those files with a video player, it is just a picture.

Is it hacked or something?

How to monitor these kinds of things under Linux and to be alerted when hacking is going on?


Thanks a lot in advance!
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
User avatar
catweazel
Level 19
Level 19
Posts: 9763
Joined: Fri Oct 12, 2012 9:44 pm
Location: Australian Antarctic Territory

Re: How to avoid hacking under linux?

Post by catweazel »

It's more than likely disk corruption. Start a terminal and post the output of this command:

Code: Select all

$ df -HT
"There is, ultimately, only one truth -- cogito, ergo sum -- everything else is an assumption." - Me, my swansong.
jesse.zwd

Re: How to avoid hacking under linux?

Post by jesse.zwd »

Thanks a lot! it is a kind of release if just a disk corruption.

The system has been re-installed, the following is the output of df -HT after re-installation:

文件系统 类型 容量 已用 可用 已用% 挂载点
/dev/sda1 ext4 318G 91G 212G 31% /
udev devtmpfs 1.1G 4.1k 1.1G 1% /dev
tmpfs tmpfs 422M 1.1M 421M 1% /run
none tmpfs 5.3M 0 5.3M 0% /run/lock
none tmpfs 1.1G 1.1M 1.1G 1% /run/shm
/home/xxx/.Private ecryptfs 318G 91G 212G 31% /home/xxx


what causes a disk corruption? Is there some hardware damage?
User avatar
catweazel
Level 19
Level 19
Posts: 9763
Joined: Fri Oct 12, 2012 9:44 pm
Location: Australian Antarctic Territory

Re: How to avoid hacking under linux?

Post by catweazel »

jesse.zwd wrote:文件系统 类型 容量 已用 可用 已用% 挂载点
Is that normal on your system?

The rest looks fine.
what causes a disk corruption?
It could be caused by almost anything from power spikes to cosmic rays blasting down from the heavens through to the hard drive simply dying of old age.
Is there some hardware damage?
To the hard disk, perhaps. I'd recommend installing smartmon tools and learning how to use them.

Cheers.
"There is, ultimately, only one truth -- cogito, ergo sum -- everything else is an assumption." - Me, my swansong.
homerscousin

Re: How to avoid hacking under linux?

Post by homerscousin »

I'm not sure what is going on here. This is troubling: "some PDF, MP4 files are changed to picture files, which were deleted from the recycle box before". Are you saying you deleted these files or deleted and then tried to restore them? And now they don't work? Maybe the 'picture' you see is just the thumbnail that your file manager created for that file?

I think 0% chance of hacking, 1% chance of disk corruption and 99% chance it has something to do with deleting, restoring or moving files incorrectly. Please explain what you did in detail.
User avatar
catweazel
Level 19
Level 19
Posts: 9763
Joined: Fri Oct 12, 2012 9:44 pm
Location: Australian Antarctic Territory

Re: How to avoid hacking under linux?

Post by catweazel »

homerscousin wrote:99% chance it has something to do with deleting, restoring or moving files incorrectly. Please explain what you did in detail.
Perhaps it's better if you first explain how files can be deleted, restored or moved incorrectly.
"There is, ultimately, only one truth -- cogito, ergo sum -- everything else is an assumption." - Me, my swansong.
jesse.zwd

Re: How to avoid hacking under linux?

Post by jesse.zwd »

It was very strange indeed, I just deleted and moved the pictures and I never tried to restore them, why are MP4 and PDF files changed to those pictures? these pictures are not good as those before, pixes are lower.

Any way, thanks a lot for your help.
homerscousin

Re: How to avoid hacking under linux?

Post by homerscousin »

Perhaps it's better if you first explain how files can be deleted, restored or moved incorrectly.
Aw, give me a break. I'm not smart enough to know that.

I'll say this. When I first started running Mint 13 Cinnamon last year, my first Linux ever, I was cleaning my hdd one day. Deleting and moving files to new folder etc. In Windows xp I would always hold down the ctrl key, highlight multiple files, then delete or move a bunch at once. I did the same in whatever the Cinnamon file manager was. I got error messages similar to : the file already exists, do you want to overwrite? This was last year. I don't remember exactly. Maybe the ctrl key doesn't work exactly as in Windows. I quit highlighting multiple files and did one at a time. That worked.

EDIT: Now that I have had a minue to recall, here is what was happening. I was moving all the .pdf files from my downloads folder to a new pdf folder. If I saw 3 in a row I'd highlight those 3 then right click and move to new folder. That was OK. Scroll down a bit and see 5 in a row. Highlight those 5 and do the same. That's when I got the error. The last of the 3 files moved prior was not purged and was included in the new 5, hence the do I want to overwrite it.
Locked

Return to “Other topics”