No Internet connection after being forced to a malware site
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions use the other forums in the support section.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions use the other forums in the support section.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
No Internet connection after being forced to a malware site
Hi, I have been using Linux Mint for a couple of years (that is, a relative newbie). All has worked just fine until now. My problem is that I can't connect to Internet anymore. The background is as follows: Using Mint 18.3 and Firefox I occasionally visited a web site which sent me to another (malware?) site having a popup window taking command of the whole screen and demanding me to reinstall Firefox (their version). As there were no way to leave that site I eventually had to force a shutdown of the computer. After restarting the computer the Internet connection was gone. I'm using a router and wifi and have tried a cable connection without any result. I have also tried another computer with Mint 17.3 installed, a Windows 10 computer, and my Android cellphone, without any problems connecting to internet via wifi. The router seems to work without any flaws.
I really have no clue what to do. I have heard and read that Linux is relatively secure when it comes to virus and malware. So perhaps it is something other?
Thanks in advance for any answer!
I really have no clue what to do. I have heard and read that Linux is relatively secure when it comes to virus and malware. So perhaps it is something other?
Thanks in advance for any answer!
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
- Pjotr
- Level 24
- Posts: 20120
- Joined: Mon Mar 07, 2011 10:18 am
- Location: The Netherlands (Holland) 🇳🇱
- Contact:
Re: No Internet connection after being forced to a malware site
Can you send me a PM with the URL of the malware site? I'd like to take a look.
Tip: 10 things to do after installing Linux Mint 21.3 Virginia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Re: No Internet connection after being forced to a malware site
When your on the problem computer can you do these things:
1. Open a term window and type in "ifconfig" and post the output.
2. See if you can ping 8.8.8.8 and get a reply. The command is "ping 8.8.8.8"
Lets see what it shows
1. Open a term window and type in "ifconfig" and post the output.
2. See if you can ping 8.8.8.8 and get a reply. The command is "ping 8.8.8.8"
Lets see what it shows
Ryzen x1800 Asus Prime x370-Pro 32 gigs Ram RX480 graphics
Dell PE T610, Dell PE T710 - List your hardware Profile: inxi -Fxpmrz
MeshCentral * Virtualbox * Debian * InvoiceNinja * NextCloud * Linux since kernel 2.0.36
Dell PE T610, Dell PE T710 - List your hardware Profile: inxi -Fxpmrz
MeshCentral * Virtualbox * Debian * InvoiceNinja * NextCloud * Linux since kernel 2.0.36
Re: No Internet connection after being forced to a malware site
Many thanks!
I have sent a PM with the URL and some details to Pjotr!
I have already tried to Ping and that seems to work.
I will run "ipconfig" in the terminal and post the output when I have transfered it from the computer with no internet to this one. But if it's ok it will take some hours because it is in the middle in the night here (03.00), so really don't know for sure what I'm doing.
I have sent a PM with the URL and some details to Pjotr!
I have already tried to Ping and that seems to work.
I will run "ipconfig" in the terminal and post the output when I have transfered it from the computer with no internet to this one. But if it's ok it will take some hours because it is in the middle in the night here (03.00), so really don't know for sure what I'm doing.
Re: No Internet connection after being forced to a malware site
If you were running as a normal user, firefox can only damage that user's environment. It's relatively easy to make a new user account and start fresh.
o If your GUI is set to auto-login, switch that off.
o Log out of the GUI.
o Ctrl+Alt+F1 to switch to text console TTY1.
o Log in and think of a new user name... one word in lower case letters... johndoe
o Enter
o Give your new user sudo powers...
o Switch back to the GUI greeter with Alt+LeftArrow and log in as johndoe.
o If your GUI is set to auto-login, switch that off.
o Log out of the GUI.
o Ctrl+Alt+F1 to switch to text console TTY1.
o Log in and think of a new user name... one word in lower case letters... johndoe
o Enter
sudo adduser johndoe
and answer the questions.o Give your new user sudo powers...
sudo adduser johndoe sudo
o Switch back to the GUI greeter with Alt+LeftArrow and log in as johndoe.
Re: No Internet connection after being forced to a malware site
does another browser work?
Re: No Internet connection after being forced to a malware site
Would it had helped if the poster was using FIreJail
Re: No Internet connection after being forced to a malware site
Here's the output from ifconfig (second try):
I will test if it works making a new user. Another browser doesn't work. Internet is down for everything on the computer (my email, the update manager etc). Firejail is something new for me. But doesn't that already presuppose an Internet connection?
Code: Select all
enp8s0 Link encap:Ethernet HWaddr 7c:05:07:26:d9:85
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:20 errors:0 dropped:0 overruns:0 frame:0
TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2076 (2.0 KB) TX bytes:2076 (2.0 KB)
wlp7s0 Link encap:Ethernet HWaddr a8:54:b2:96:aa:b4
inet addr:192.168.1.142 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::3c48:3c17:1fc5:bad7/64 Scope:Link
inet6 addr: fd5a:b95b:8aae:0:59d:4e1d:ee4c:4e40/64 Scope:Global
inet6 addr: fd5a:b95b:8aae:0:27aa:2e26:2ac9:bb00/64 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1580 errors:0 dropped:0 overruns:0 frame:0
TX packets:1438 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:125155 (125.1 KB) TX bytes:163414 (163.4 KB)
Re: No Internet connection after being forced to a malware site
Making and using a new user account didn't work
Re: No Internet connection after being forced to a malware site
I was just wondering if something installed on your computer when you hit that bad webpage. I think FireJail would have stopped this from happening ... I think
- Pjotr
- Level 24
- Posts: 20120
- Joined: Mon Mar 07, 2011 10:18 am
- Location: The Netherlands (Holland) 🇳🇱
- Contact:
Re: No Internet connection after being forced to a malware site
I received nothing....brutto07 wrote:I have sent a PM with the URL and some details to Pjotr!
Tip: 10 things to do after installing Linux Mint 21.3 Virginia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Re: No Internet connection after being forced to a malware site
Ok. That looks good. Now post the output of your /etc/resolv.conf filebrutto07 wrote:Here's the output from ifconfig (second try):
I will test if it works making a new user. Another browser doesn't work. Internet is down for everything on the computer (my email, the update manager etc). Firejail is something new for me. But doesn't that already presuppose an Internet connection?Code: Select all
enp8s0 Link encap:Ethernet HWaddr 7c:05:07:26:d9:85 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:20 errors:0 dropped:0 overruns:0 frame:0 TX packets:20 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:2076 (2.0 KB) TX bytes:2076 (2.0 KB) wlp7s0 Link encap:Ethernet HWaddr a8:54:b2:96:aa:b4 inet addr:192.168.1.142 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::3c48:3c17:1fc5:bad7/64 Scope:Link inet6 addr: fd5a:b95b:8aae:0:59d:4e1d:ee4c:4e40/64 Scope:Global inet6 addr: fd5a:b95b:8aae:0:27aa:2e26:2ac9:bb00/64 Scope:Global UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1580 errors:0 dropped:0 overruns:0 frame:0 TX packets:1438 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:125155 (125.1 KB) TX bytes:163414 (163.4 KB)
Like this:
Code: Select all
cat /etc/resolv.conf
Ryzen x1800 Asus Prime x370-Pro 32 gigs Ram RX480 graphics
Dell PE T610, Dell PE T710 - List your hardware Profile: inxi -Fxpmrz
MeshCentral * Virtualbox * Debian * InvoiceNinja * NextCloud * Linux since kernel 2.0.36
Dell PE T610, Dell PE T710 - List your hardware Profile: inxi -Fxpmrz
MeshCentral * Virtualbox * Debian * InvoiceNinja * NextCloud * Linux since kernel 2.0.36
Re: No Internet connection after being forced to a malware site
Can you pm me with the link and also Pjotr said he didn't get anything.brutto07 wrote:I occasionally visited a web site which sent me to another (malware?) site having a popup window taking command of the whole screen and demanding me to reinstall Firefox (their version).
Re: No Internet connection after being forced to a malware site
delete your internet connection and connect again. simplest way i can suggest is rightclick on network tray icon > edit connections > select your wifi and delete
i've not heard a browser hijack that could cause this so severe that connecting in linux is broken. a better troubleshoot is this . wireless info run the script and post it here in CODE https://github.com/UbuntuForums/wireless-info
i've not heard a browser hijack that could cause this so severe that connecting in linux is broken. a better troubleshoot is this . wireless info run the script and post it here in CODE https://github.com/UbuntuForums/wireless-info
- Pjotr
- Level 24
- Posts: 20120
- Joined: Mon Mar 07, 2011 10:18 am
- Location: The Netherlands (Holland) 🇳🇱
- Contact:
Re: No Internet connection after being forced to a malware site
I repeat: please PM me the link, because in spite of wat you said, this still hasn't occurred. When this doesn't happen, I'll have to consider your message as a hoax.
Tip: 10 things to do after installing Linux Mint 21.3 Virginia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
- Pjotr
- Level 24
- Posts: 20120
- Joined: Mon Mar 07, 2011 10:18 am
- Location: The Netherlands (Holland) 🇳🇱
- Contact:
Re: No Internet connection after being forced to a malware site
OK, I received the required information from the OP (thank you for that!).
I followed the same click path as the OP did, but this didn't lead to anything unusual. So I'm sorry to say that I can't reproduce his problem.
It has been mentioned already in this thread by others: you might want to increase the security of your web browser by running it inside a secured sandbox. This is how:
https://sites.google.com/site/easylinux ... ct/sandbox
I followed the same click path as the OP did, but this didn't lead to anything unusual. So I'm sorry to say that I can't reproduce his problem.
It has been mentioned already in this thread by others: you might want to increase the security of your web browser by running it inside a secured sandbox. This is how:
https://sites.google.com/site/easylinux ... ct/sandbox
Tip: 10 things to do after installing Linux Mint 21.3 Virginia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Re: No Internet connection after being forced to a malware site
To Pepi: I really don't know if something was installed. But with my limited knowledge of Linux something like that isn't possible without username and password to my computer?
To Trytip: Have already tried that. Shall try to use the script you mention (if it is safe?)
To WharfRat: Hopefully you got my PM
To Coffee412: Here's the output from cat /etc/resolv.conf:
# Generated by Eddie v2.13.6 | https://eddie.website
nameserver 10.4.0.1
(My Comment: Eddie is a client used by AirVPN (airvpn.org). It was inactivated when generating the output but active when I visited the site where all seems to have started.)
To Trytip: Have already tried that. Shall try to use the script you mention (if it is safe?)
To WharfRat: Hopefully you got my PM
To Coffee412: Here's the output from cat /etc/resolv.conf:
# Generated by Eddie v2.13.6 | https://eddie.website
nameserver 10.4.0.1
(My Comment: Eddie is a client used by AirVPN (airvpn.org). It was inactivated when generating the output but active when I visited the site where all seems to have started.)
Re: No Internet connection after being forced to a malware site
brutto07 wrote:To Pepi: I really don't know if something was installed. But with my limited knowledge of Linux something like that isn't possible without username and password to my computer?
To Trytip: Have already tried that. Shall try to use the script you mention (if it is safe?)
To WharfRat: Hopefully you got my PM
To Coffee412: Here's the output from cat /etc/resolv.conf:
# Generated by Eddie v2.13.6 | https://eddie.website
nameserver 10.4.0.1
(My Comment: Eddie is a client used by AirVPN (airvpn.org). It was inactivated when generating the output but active when I visited the site where all seems to have started.)
Your resolv.conf file is the only thing probably wrong. The reason you cannot find sites on the internet is because your Name server is set to 10.4.0.1 which is a private address.
Fix that in Network manager and you will be all set
Ryzen x1800 Asus Prime x370-Pro 32 gigs Ram RX480 graphics
Dell PE T610, Dell PE T710 - List your hardware Profile: inxi -Fxpmrz
MeshCentral * Virtualbox * Debian * InvoiceNinja * NextCloud * Linux since kernel 2.0.36
Dell PE T610, Dell PE T710 - List your hardware Profile: inxi -Fxpmrz
MeshCentral * Virtualbox * Debian * InvoiceNinja * NextCloud * Linux since kernel 2.0.36
Re: No Internet connection after being forced to a malware site
brutto07,
I went to the site, found the book you mentioned and tried the download, nothing to report.
I didn't register to complete the download, but to that point nothing unusual happened.
I went to the site, found the book you mentioned and tried the download, nothing to report.
I didn't register to complete the download, but to that point nothing unusual happened.
Re: No Internet connection after being forced to a malware site
To Coffee412: Now that looks promising! But I have a maybe typical newbie (and dumb) question: how do I fix that in Network Manager and how do I know what name server to use, that is, what address to use?