Old 01-05-2011, 04:34 AM   #1
cosmicbrat
LQ Newbie
 
Registered: Feb 2005
Posts: 26

Rep: Reputation: 1
Performance issues (was: Hacker's Victims Fight Back)


Every time I do some surfing with my saved bookmarks, some hack suddenly starts uploading all my files.. So the culprit is obviously one or more of my hundreds of bookmarks.. but I don't know which one, yet.. I'm narrowing it down...

I don't care that the "mindless little monkey" is getting the files on this hd.. It's only my Internet computer anyway... I flash-drive transfer all Internet important things from it, daily, to my unconnected private computers... This way the Internet rarely touches my private HD's, except when they're updating OS's..

This Internet computer has only a few hundred desktop backgrounds, 400 tunes, an empty folder for new pix for transfers, an empty folder for new posts and notes for transfers, and a growing folder full of various Linux distributions which I will eventually make ISO install CD's and test out these many strange installations...

My private computer isn't Net-connected, but only for moments when it's acquiring updates.. The moment the downloads are complete, I pull the connection from the tower.. I wish I had an in-line switch to disconnect the Net from the tower.. Is there one?..

Thing is, when that goof is uploading my Internet computer's files, he is seriously slowing down the operation of this low Ram antique tower... I wants to somehow "sour the milk", to give him his reason why to not want to upload my files..
I wants to make an "attack-file" that grabs his uploading connection and locks it in, into a huge 20-gig file of Linux OS ISO's.. so the only way he can disconnect from that file is to reboot or physically disconnect from the Net.. Is this possible?..

"Hacker's Victims Fight Back"...

How can I find if the attacker's OS is Windows, or Linux..?

Ideally, I'd like to somehow start a fire under or in his chair...

One of my hobbies is learning pix-editing by editing nude art.. I suspect the hack is "one of the government's xxx sites, in which they tap into any computer that visits their site"...

Can I lock my files with a password..? I'm not doing anything illegal.. I'm merely learning pix editing... I feel like I'm being treated as a criminal.. And their meddling does slow my computer operations a lot... Eventually I will figure out which sites are the crap sites, and simply boycott them...

Last edited by cosmicbrat; 01-05-2011 at 05:22 AM.
 
Old 01-05-2011, 04:51 AM   #2
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380
Quote:
Originally Posted by cosmicbrat
Every time I do some surfing with my saved bookmarks, some hack suddenly starts uploading all my files..

How do you know this?

If you're using some kind of traffic monitor, can you share its output with us?

Quote:
I wants to somehow "sour the milk", to give him his reason why to not want to upload my files..
I wants to make an "attack-file" that grabs his uploading connection and locks it in, into a huge 20-gig file of Linux OS ISO's.. so the only way he can disconnect from that file is to reboot or physically disconnect from the Net.. Is this possible?..

We don't allow members to help with that sort of thing here. Regardless, your priority should be finding the hole being exploited and patching it ASAP, IMO. The quicker you post some factual, relevant, technical information (log file snippets, connection and process snapshots, etc.), the quicker someone here may help you address this possible breach.
 
2 members found this post helpful.
Old 01-05-2011, 05:39 AM   #3
cosmicbrat
LQ Newbie
 
Registered: Feb 2005
Posts: 26

Original Poster
Rep: Reputation: 1
I know this when the hd starts going hyper-active, till I reboot...
I don't have any services running.. no updaters set to automatic.. no indexers... no active processes.. The hd just goes wild...

I link to a few websites, then suddenly the hd is pumping out data about as fast as it loads data into a flash... And the flashing operation's light on the tower flashes the same ways as it does when I'm uploading my files.. And the noisy hd makes the same sounds and spaces as it does when I'm working with pix files... If I remove all my files from my Internet tower, the hacking doesn't happen...

OK, You don't help with this sort of thing.. Can you PM me with a link of someone who does?.. I wants a little revenge for this ongoing abuse and torture...

"Plug the hole".. I thought I did everything to plug such holes...

Which log-files do you recommend I post snippets of?..

I just installed all the traffic monitors I could find in Fedora-14's Yumex.. Now I needs to learn how to use them...

I don't understand Linux, but I sure loves it...
 
Old 01-05-2011, 05:50 AM   #4
djsmiley2k
Member
 
Registered: Feb 2005
Location: Coventry, UK
Distribution: Home: Gentoo x86/amd64, Debian ppc. Work: Ubuntu, SuSe, CentOS
Posts: 343
Blog Entries: 1

Rep: Reputation: 72
Errrrm..... I think you may be delusional, other than getting help from a doctor have you considered it's simply swapping to hard drive? >_<
 
Old 01-05-2011, 05:50 AM   #5
JoshyJ
Member
 
Registered: Nov 2003
Location: Sydney , Australia
Distribution: Fedora
Posts: 49

Rep: Reputation: 1
If you're not using your computer for anything and you want to make sure no one can access it, you can always turn off your computer.
 
Old 01-05-2011, 07:50 AM   #6
crosstalk
Member
 
Registered: Jul 2010
Distribution: Gentoo, Debian, Mint, Xubuntu
Posts: 150

Rep: Reputation: 35
I'm not familiar with Fedora, but there should be some System Monitor-like application that can show your memory (RAM) usage. Please tell us how much of your RAM is used -- as it sounds like it's thrashing (swapping to the hard drive) to me.
 
Old 01-05-2011, 08:51 AM   #7
TheVillageIdiot
LQ Newbie
 
Registered: Sep 2003
Posts: 9

Rep: Reputation: 0
I hardly think that if there is someone uploading data from your PC, they'd wait until you clicked a bookmark to start uploading... Or that someone would specifically create a trojan that only works that way.

I once knew a guy who thought someone had uploaded a virus that'd make his mouse play up sometimes - jump across the screen sometimes, be unresponsive, etc - ... he couldn't be told otherwise - he was a Professor tho. :P It was just a bad USB/PS2 adapter that should have been replaced... which they didn't. Although I did try to plug it in more securely... not that that helped a great deal.

I'd say the posts above are far more likely... it's prolly just swapping data to your swap file. And potentially loading cached data off the HDD.

Last edited by TheVillageIdiot; 01-05-2011 at 08:53 AM.
 
Old 01-05-2011, 11:59 AM   #8
cosmicbrat
LQ Newbie
 
Registered: Feb 2005
Posts: 26

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by djsmiley2k
Errrrm..... I think you may be delusional, other than getting help from a doctor have you considered it's simply swapping to hard drive? >_<

Hi Smiley.. You seem to be the one who is following me all over the Net, casting insults my way every time you post where I've posted... I wish I knew what you wanted from me... Is your name "Gorden"..?

I did see a shrink about 8-years ago, to fulfil one of the requirements in a job application.. We had a long fun chat, and joked and laughed a lot, even to tears..
He told me that he feels that I am "more sane than he is".. and he had some time between patients, so he asked me to help him diagnose a few supposedly "fictitious cases"..
After that, he invited me to drop by into his office for coffee and chats any time I was in the area.. and requested that I assist him more with other problem diagnoses... We go fishing and hiking together occasionally... Maybe it's you who should be "getting help from a doctor", sir... Maybe you already are sir..?

I have 20 hd's.. I tried swapping.. It happens on all of them... Thanks for the suggestion.. Have you got any useful ones sir, without the insults please!.. I've heard them all.. They used to sting me, and sometimes bring tears to my eyes, but now they are only boring...

I really would like to solve this thing, so the computer doesn't run so slow when something/someone on the Net is messing in my PC...
How do I test to determine which ports are open.. and what's going in and out of them..?
I would like to get IP-Tables up and running, but I just can't get the dern thing going...

Last edited by cosmicbrat; 01-05-2011 at 12:06 PM.
 
0 members found this post helpful.
Old 01-05-2011, 12:06 PM   #9
ncsuapex
Member
 
Registered: Dec 2004
Location: Raleigh, NC
Distribution: CentOS 2.6.18-53.1.4.el5
Posts: 770

Rep: Reputation: 44
Quote:
I once knew a guy who thought someone had uploaded a virus that'd make his mouse play up sometimes - jump across the screen sometimes

One of the "senior" programmers at my last job was convinced we had installed remote desktop software on his workstation so we could spy on him. He came to that conclusion because his mouse would move around on its own or wouldn't react the way he thought it would. He ACTUALLY confronted us (IT staff) that we were spying on him.


:facepalm:
 
Old 01-05-2011, 12:11 PM   #10
cosmicbrat
LQ Newbie
 
Registered: Feb 2005
Posts: 26

Original Poster
Rep: Reputation: 1
"He ACTUALLY confronted us (IT staff) that we were spying on him."

Were you..? and was it you who damaged his mouse connector to bully him..?

Last edited by cosmicbrat; 01-05-2011 at 12:17 PM.
 
Old 01-05-2011, 12:13 PM   #11
ncsuapex
Member
 
Registered: Dec 2004
Location: Raleigh, NC
Distribution: CentOS 2.6.18-53.1.4.el5
Posts: 770

Rep: Reputation: 44
No. We have better things to do than to "spy" on people at work. We gave him a new mouse and never heard another peep from him (well at least about that). The guy was a terrible programmer and was let go a few months later due to incompetence.
 
Old 01-05-2011, 12:28 PM   #12
cosmicbrat
LQ Newbie
 
Registered: Feb 2005
Posts: 26

Original Poster
Rep: Reputation: 1
Maybe he was potentially a good programmer, who couldn't work under the stress you folks laid on him...
Maybe it was all just a personality conflict, in that you folks didn't like that he didn't think like you and believe in what you believe in, and maybe you just did what you had to, to get him fired... Think back on how you treated him.. How would you feel if others treated you the same..?

Do you happen to know how to get IP-Tables working in Fedora-14 sir..?
 
Old 01-05-2011, 06:34 PM   #13
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380
Quote:
Originally Posted by cosmicbrat
I have 20 hd's.. I tried swapping.. It happens on all of them...

I think what he actually meant was that your swap area on the disk may be being heavily used due to low memory conditions. In many cases, it would cause symptoms similar to what you have described. You can show us whether this is the case or not by running the free command before, during, and after the perceived issue and posting the output here.

Quote:
I link to a few websites, then suddenly the hd is pumping out data about as fast as it loads data into a flash... And the flashing operation's light on the tower flashes the same ways as it does when I'm uploading my files.. And the noisy hd makes the same sounds and spaces as it does when I'm working with pix files... If I remove all my files from my Internet tower, the hacking doesn't happen...

Okay, but how do you know it's "pumping out data"? Nothing you've posted so far would support that. We don't deal with imagination in LQSEC, we rely on facts. You can use iotop to see exactly which process is generating the disk activity (and amount, as well as type).

Quote:
OK, You don't help with this sort of thing.. Can you PM me with a link of someone who does?.. I wants a little revenge for this ongoing abuse and torture...

I don't see how a PM would change the ethics of this. Besides: 1) I don't really know people who do that kind of thing, and 2) There's nothing to suggest that this issue isn't being caused by something non-malicious. Others have posted examples here to illustrate how easy it can be to mistake non-malicious and malicious activity. With your cooperation, we can help you figure out what's happening.

Last edited by win32sux; 01-05-2011 at 06:41 PM.
 
Old 01-05-2011, 06:46 PM   #14
frieza
Senior Member
 
Registered: Feb 2002
Location: harvard, il
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,233

Rep: Reputation: 406
Try this:
Install iptraf (sudo yum install iptraf for Fedora, sudo apt-get install iptraf for Debian-based).
Run iptraf in a terminal (must be run as root or with sudo), select network monitor, select the interface in question (the one your internet connection is on), reproduce the issue with iptraf running, and watch to see if your computer starts sending traffic, and how much and to where.

Last edited by frieza; 01-05-2011 at 06:47 PM.
 
Old 01-05-2011, 06:53 PM   #15
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380
Yeah, running both iotop and iptraf (simultaneously) would be a good start.
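
The checks suggested in the replies above (free and iotop for swap and disk activity, iptraf for outbound traffic) can be cross-checked against the kernel's own counters. The following is an added example, not code from any poster in this thread: it compares two snapshots of /proc/vmstat and /proc/net/dev and reports whether the interval looks like swap thrashing or real outbound traffic. The sample snapshots are constructed, and the function names and thresholds are assumptions chosen for illustration.

```python
import time

def parse_vmstat(text):
    """Return (pswpin, pswpout): pages swapped in/out since boot."""
    kv = dict(line.split()[:2] for line in text.splitlines() if line.strip())
    return int(kv["pswpin"]), int(kv["pswpout"])

def parse_net_dev(text):
    """Return {interface: tx_bytes} from /proc/net/dev, skipping loopback."""
    tx = {}
    for line in text.splitlines()[2:]:            # first two lines are headers
        name, _, rest = line.partition(":")
        if rest and name.strip() != "lo":
            tx[name.strip()] = int(rest.split()[8])   # 9th counter is TX bytes
    return tx

def classify(vm0, vm1, net0, net1, seconds, swap_pps=100, tx_bps=100_000):
    """Compare two snapshots. Thresholds are illustrative assumptions."""
    (in0, out0), (in1, out1) = parse_vmstat(vm0), parse_vmstat(vm1)
    swap_rate = ((in1 - in0) + (out1 - out0)) / seconds      # pages/s
    t0, t1 = parse_net_dev(net0), parse_net_dev(net1)
    tx_rate = max(((t1[i] - t0.get(i, 0)) / seconds for i in t1), default=0.0)
    if tx_rate >= tx_bps:
        verdict = "sustained outbound traffic: use iptraf to see the destination"
    elif swap_rate >= swap_pps:
        verdict = "swap thrashing with little outbound traffic"
    else:
        verdict = "neither: use iotop to find the process doing disk I/O"
    return swap_rate, tx_rate, verdict

# Constructed sample snapshots taken 10 seconds apart (not real measurements).
HDR = "Inter-|   Receive ...|  Transmit ...\n face |bytes packets ...|bytes packets ...\n"
NET_BEFORE = HDR + "    lo: 9000 90 0 0 0 0 0 0 9000 90 0 0 0 0 0 0\n" \
                   "  eth0: 500000 400 0 0 0 0 0 0 60000 300 0 0 0 0 0 0\n"
NET_AFTER = HDR + "    lo: 9000 90 0 0 0 0 0 0 9000 90 0 0 0 0 0 0\n" \
                  "  eth0: 2500000 1900 0 0 0 0 0 0 90000 450 0 0 0 0 0 0\n"
VM_BEFORE = "pgpgin 100\npswpin 1000\npswpout 2000\n"
VM_AFTER = "pgpgin 900\npswpin 4000\npswpout 9000\n"

if __name__ == "__main__":
    print(classify(VM_BEFORE, VM_AFTER, NET_BEFORE, NET_AFTER, 10))
    def snap():                                   # live counters (Linux only)
        return open("/proc/vmstat").read(), open("/proc/net/dev").read()
    (v0, n0), _, (v1, n1) = snap(), time.sleep(10), snap()
    print(classify(v0, v1, n0, n1, 10))
```

In the constructed sample the machine downloads about 2 MB while swapping roughly 1000 pages per second and sending only 3 kB/s, which is the pattern the replies describe for a low-RAM machine browsing the web.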
 
  

