  1. #1
    Just Joined!
    Join Date
    May 2006
    Posts
    37

    Acronyms needed (i.e., what is VPN service?)


    Hi... I have some unique problems, which I don't really want to get into; basically I can't download stuff (can't store anything anywhere) just now. So could someone please tell me network-related 'services' that I can read about in the man pages?

    In particular, I want the abbreviation/initials for the virtual private network. (What I mean is, the equivalent for vpn that smbd and nmbd are what one needs to know with regard to samba, for example.) If there were a list of all the 'services' somewhere, that would be super -- just point me at them, please!

  2. #2
    oz
    forum.guy
    Join Date
    May 2004
    Location
    arch linux
    Posts
    18,733
    Try this site.
    oz

  3. #3
    Just Joined!
    Join Date
    May 2006
    Posts
    37
    Thanks, ozar, but those are not service names, as nmbd & smbd are what I think of as the "service names" for samba.

    Here is a real problem. I know it sounds incredible, but I'm only reporting what I see. If any hacker can help me, I'd really appreciate it:

    I removed (physically) the hard drive & floppy of a 2001 NetVista PC, running about 1k MHz, with 256K RAM, and a CD-ROM. A Linksys router is connected to the PC, and I have a very high-speed cable modem (Ethernet cables).

    Each day I want to go online, I start with the Ethernet cable connected between router and PC, but NOT between router and cable modem. I insert the MEPIS 6.5 CD (which I downloaded and burned earlier this year, when I had an "offline" PC running XP which has a CD burner). So any variability in my OS is not coming from a hard drive -- my OS is not installed, and the CD cannot be written over, I've been told repeatedly.

    I am having extremely serious hacker problems, which is why I've gone to this limited system. Over the past couple of days, when I shut down (on Konsole, shutdown now, after which recently I also have to enter halt), I get within one of the shutdown messages:
    OpenBSD Source Shell server
    (as something else it's shutting down).

    The first couple of times I saw this, I had been connected to the Internet for a couple of hours. So, as a test, this morning I turned on the PC, got to the login, logged in as root (no permanent installation, so why not?), then immediately shut down. And I did see the message again.

    All I can tell you is that the hackers are physically very close to my machine (actually in the apartment above mine), and they have been running various systems since late October 2007. OpenBSD is apparently their latest attempt.

    Please don't flame this thread. I just want to know the names of (or folders in which to find) other network-related services I should be shutting down, so I can get online all alone. Here's what I do so far: Bring up Konsole as soon as I've got a task bar, open a couple root shells. Bring up the syslog, and switch to view the CUPS (I mean printer) info, then remove relevant /var/run/ and /var/cache files (I'm not intending to use my own printer, after all). In particular, I think I
    rm /var/cache/samba/printing/* and also rmdir ppd.

    Also I rm /dev/pty* and tty*, then remove all the getty processes -- to do this, I normally get ksysguardd (the one that lists the PID for all processes).

    I also rm /etc/cron.hourly/.placeholder and then rmdir /etc/cron.hourly
    and rm /etc/samba/smb.conf
    I hope I'm describing this properly: I'm at the library, and recall is less accurate than recognition.

    I kill all the weird hald daemon-related and ssh PIDs shown in netstat -lanap. From the netstat -lanap listing and ksysguard listing, I also kill all processes I recognize as related to online services, including cups, NetworkManager, inet, dhcp__, nmbd, smbd, and even python (I didn't open a python shell myself).

    Then I use passwd to alter the root password. After that, I usually fire up Firefox, then plug in the Ethernet cable from router into the cable modem, and I can browse.

    Now that they're running the BSD (I think formerly they were trying to hack via Netbios, so a Win OS?), I'm a bit worried they might try to spoof my ISP to generate information to frame me for something. (Visiting a terrorist site? child porn? Sites for spammers? I have no idea. ) So, can anyone suggest other network interfaces they might be exploiting? These are heavy-duty hackers, obviously; I already know what I'm describing is thought to be impossible. Not asking how they're doing what they're doing anymore, just asking for other things to shut down. (VPN is not the name of the VPN service, for example -- anyone know what it is?)

    I really am fairly new to Linux, and very new to "hacking." Not new to computing, and used to working with many different languages and OSes (I was a professional documenter over 20 years in NYC). But I'm in way over my head, and could use some help.

  4. #4
    Linux Guru coopstah13's Avatar
    Join Date
    Nov 2007
    Location
    NH, USA
    Posts
    3,149
    My guess is you need to better configure your router for protection. It should have come with a built in firewall. You should make sure it is enabled and also make sure that you set the router password to something other than the default if it isn't. Make sure you don't have any ports opened up to the outside world.

  5. #5
    Just Joined!
    Join Date
    May 2006
    Posts
    37
    Originally posted by coopstah13:
    "Make sure you don't have any ports opened up to the outside world."
    Thanks for the quick reply. Can you help me find out what ports are open? I don't think man ports produced any documentation -- in general, my problem is that the man pages are invoked by giving the service name (such as smb.conf), rather than by offering a function (keyword). Since I can't download any other documentation just now, it's hard for me to get a grasp of what is going on. (I recently learned that networks such as eth0 and lo (localhost) are called "interfaces" in Linux, for example. I don't know the proper vocabulary.)

  6. #6
    Linux Guru coopstah13's Avatar
    Join Date
    Nov 2007
    Location
    NH, USA
    Posts
    3,149
    Well, since you are using the router for your internet connection sharing, you should use the firewall on that, in my opinion. Usually you log in to the router by going to your browser and navigating to http://192.168.0.1 or http://192.168.1.1 and then you log in there. It should have an interface there with some more stuff. Second option is to use iptables to set up a firewall, but that would only apply to your machine. Also, unless you are running any server or anything like that, you don't need any ports open.
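
The port check asked about in #5 and answered in #6, as an added example that is not part of the thread: it filters `netstat` output down to the sockets that accept traffic from other machines (anything listening on an address other than loopback). The function name and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: show which listening sockets are reachable from the network.

# Constructed sample in the layout printed by `netstat -lanp`
# (not captured from a real host).
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      2210/sshd
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      1984/cupsd
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      2301/smbd
tcp        0      0 192.168.1.100:45012     203.0.113.7:80          ESTABLISHED 2511/firefox-bin
tcp6       0      0 ::1:631                 :::*                    LISTEN      1984/cupsd
udp        0      0 0.0.0.0:137             0.0.0.0:*                           2299/nmbd
udp        0      0 0.0.0.0:68              0.0.0.0:*                           1877/dhclient
EOF
}

# Reads netstat output on stdin and prints "proto/port program" for every
# socket that is waiting for traffic on a non-loopback address.
exposed_listeners() {
  awk '
    $1 !~ /^(tcp|udp)6?$/ { next }   # skip headers and unix-domain sockets
    $5 !~ /:\*$/          { next }   # wildcard peer = waiting, not connected
    {
      host = $4; sub(/:[^:]*$/, "", host)    # address part of Local Address
      port = $4; sub(/^.*:/, "", port)       # port part of Local Address
      if (host ~ /^127\./ || host == "::1") next   # loopback only: not exposed
      prog = $NF; sub(/^[0-9]+\//, "", prog) # "2210/sshd" -> "sshd"
      print $1 "/" port, prog
    }'
}

# Run against the constructed sample; on a live system use:
#   netstat -lntup | exposed_listeners
sample_netstat | exposed_listeners
```

Without root, `netstat` prints `-` in the program column, so the names only appear when it is run as root.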

  7. #7
    Linux Guru budman7's Avatar
    Join Date
    Oct 2004
    Location
    Knee deep in Grand Rapids, Michigan
    Posts
    3,242
    If you have a Linksys router, go to the 192.168.1.1 web page and type in admin for the password (unless you changed it).
    Go to the "Administration" tab, there you will be able to disable wireless access to your router.
    I am not sure about other routers but there should be a way to turn off wireless access.
    How to know if you are a geek.
    when you respond to "get a life!" with "what's the URL?"
    - Birger

    New users read The FAQ

  8. #8
    Penguin of trust elija's Avatar
    Join Date
    Jul 2004
    Location
    Either at home or at work or down the pub
    Posts
    3,488
    You can use shields up to test your router for the common service
    ports. It can be accessed from here

    If you can, use WEP or preferably WPA to encrypt your network to
    stop people getting in without you knowing.

    Stop broadcasting your SSID and limit access to your router to your
    MAC addresses.

    None of these router changes are infallible, but they all make it harder
    for outsiders to get in.
    What do we want?
    Time machines!

    When do we want 'em?
    Doesn't really matter does it!?


    Conkybots: Interactive plugins for your Conkys!

  9. #9
    Linux Guru coopstah13's Avatar
    Join Date
    Nov 2007
    Location
    NH, USA
    Posts
    3,149
    I don't see anywhere in his original post where he referred to having a wireless connection, only that he was connected via ethernet cable. I can understand people using his wireless connection so easily if it is unencrypted, but he never mentioned that.

  10. #10
    Penguin of trust elija's Avatar
    Join Date
    Jul 2004
    Location
    Either at home or at work or down the pub
    Posts
    3,488
    Most routers (SOHO anyway) seem to be both these days, so reading
    between the lines, the advice is still good to check out.