Find the answer to your Linux question:
Results 1 to 6 of 6
Hi fellow Linux users. I have a machine with Linux that may be infected. After trying to install and delete openoffice/libreoffice, a message came up saying something like "hello, type ...
  1. 09-09-2011 #1
    Pressure61
    Pressure61 is offline
    Just Joined!
    Join Date
    Sep 2011
    Posts
    1

    Linux infected?

    Hi fellow Linux users.
    I have a machine with Linux that may be infected.

    After trying to install and delete openoffice/libreoffice,
    a message came up saying something like "hello, type "yes i will" to give me full control of the computer".

    Now I noticed my pc began to ping several ip-addresses, looks like it's on my lan network, so I formatted a couple of times trying to get rid of it, but it kept coming back up.
    The formatting was with a windows disc.

    Now what is to do now?
    Maybe doing a full format or AV-scanner on cd?
    Reply With Quote Reply With Quote
  2. 09-09-2011 #2
    Jonathan183
    Jonathan183 is offline
    Linux Guru Jonathan183's Avatar
    Join Date
    Oct 2007
    Posts
    2,941
    Don't panic, try and work out what the problem really is, and if someone has got into your system how. That will help you avoid ending up in the same situation again.

    I suggest you boot from a live CD for doing your investigative work ... look at this thread for issues and ideas

    ... once you have worked out exactly what is going on, if the system has been compromised the only option you have is backup data and do a fresh install - be very careful about what data you restore after the re-install.
    Reply With Quote Reply With Quote
  3. 09-09-2011 #3
    yancek
    yancek is offline
    Linux Guru
    Join Date
    Oct 2007
    Location
    Tucson AZ
    Posts
    1,935
    Which distribution and version of Linux do you have?
    How did you try to install openoffice/libre office? From the repositories of your Linux distribution? Are there any other operating systems on the computer?
    Reply With Quote Reply With Quote
  4. 09-09-2011 #4
    cynwulf
    cynwulf is offline
    Guest
    Join Date
    Feb 2005
    Posts
    314
    Quote Originally Posted by Pressure61 View Post
    Now what is to do now?
    Pull out the ethernet cable from the nic get to another machine and provide vastly more info than you have here...
    Reply With Quote Reply With Quote
  5. 09-13-2011 #5
    LinuxSecurity
    LinuxSecurity is offline
    Just Joined!
    Join Date
    Sep 2011
    Posts
    19
    The best thing to do is reinstall if you're concerned that your system compromised. If you cannot back up your data and reinstall, I recommend that you boot off a live CD and scan your root filesystem with chrootkit and rkhunter to see if there's a root kit installed. You will also want to check your boot path of RC scripts and verify that /sbin/init has not been compromised.

    -Eric
    Reply With Quote Reply With Quote
  6. 09-14-2011 #6
    KingKull2112
    KingKull2112 is offline
    Just Joined!
    Join Date
    Apr 2011
    Posts
    14
    You said you have a LAN. Sounds like you might be having system admin problems. I know network and system operators that screw around with noobs like that. This only applies if you are in an office setting though
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules