Serious they sent me a warning stating that tey have detected IRC traffic.... and that I should scan my systems since.... IRC is a good indicator of malicious software....
Are they crazy?!?
on 07/06/2012 – Made popular on 07/06/2012
I have a glassfish server running some webservice and I noticed that there is an abnormal traffic from japan (150.70.x.x) in my iptables log file and I dont have any user in this country .
Until now this IPs didn't succed to connect to my webservice .
Project honeypot detected this IPs as malicious so I want to dig more and understand what this hacker is trying to do .
I've got a new client whose site looks like it has been hacked. It's running Drupal and I have run Hacked on it to verify that the file structure hasn't changed. I can add the Paranoia module, but it's a bit late.
Unfortunately, the site was developed with a lot of PHP code inserted directly into nodes, so a lot of custom code is sitting in the database. It's all run through eval().
I've only found generic descriptions that have sensors capture network traffic and analyzes the content of the individual packets for malicious traffic. What I want to know is specifically what kind of information is logged from the network traffic and packets and how the system would know it is malicious. Any tips/guidance would be greatly appreciated! Thanks!!
I've been using the weather indicator for a while now on 12.04 and for the past day or so it hasn't been able to update. It just shows the same weather icon (the sun) and the same temperature all day. Right now it's 2AM and it thinks it's sunny outside at 72 degrees when it's actually about 62 degrees outside right now.
I recently upgraded from 11.10 to 12.04. My first attempt failed, and I received an error stating that not all of the required packages were downloaded. Before (successfully) attempting again, I noticed that there was no longer a networking indicator in the upper panel.