Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
anyway, if someone is changing permissions on your file-system that means he have access to root account ie (you should change passwords) or he is using sudo ie (you should change passwords) but finally even that might be not enough ie (reinstall system).
Dunno ... those names look pretty darned synthetic to me. I doubt you'd find them in /etc/passwd (which, although not the "real" password-file these days, is often consulted to match names with uid's). So, I wonder if we could be being misled by what we see here ...? (And not necessarily in a "false flag" way.)
I am Tara. There should be one guest. There are several that seem to have unlimited access.
I'm not currently aware of any (desktop) application that requires a guest account to access resources though I can imagine it's one way. It may be just a mechanism and not something malicious. Hard to say from what you have posted so far.
Quote:
Originally Posted by apples45
I have noticed numerous programs show up that I do not remember installing, though I could have. Most unnerving is there seems to be a theme about access to audio or something? Could you please explain the language.
Your OS will install applications for you depending on initial choices (plain Desktop, Developer or musicians tools, et cetera) and later on when you opt to install any. In some cases components may be added, for example Desktop Environments like KDE and GNOME are known to pull in all sorts of dependencies. Anyway, installation / uninstall operations should all be listed in your package managements log. So it would be a good thing to inspect plain text /var/log/yum* or /var/log/dnf* logs if you're running Fedora or derivative or /var/log/apt* logs if you're running Debian or derivative.
Quote:
Originally Posted by apples45
I will attempt to find something that legitimately shows my concern.
That would be helpful, yes.
Quote:
Originally Posted by apples45
I could very well be interpreting things. I do take medication.
Heh, no with "interpreting" I mean you are trying to come up with a plausible explanation for observations that you are not yet capable of analysing technically.
Quote:
Originally Posted by apples45
However, the fact that I no longer have authority to access my files makes me wonder. There are several "files systems" I'm concerned about...
Then let's focus on that first. What do you do when you don't "have authority"? Are you using a file manager to browse a local file system? Is there an application you try to open files in? Please walk us through the steps in detail so we can try to see things "through your eyes". Also what errors do you get? Can you post screen shots of them?
Quote:
Originally Posted by apples45
I attached what it says.
Thanks. Helpful. However you forgot to add the output of
Seems to me with all do respect your living with the mind set of windows. I am not minimizing your situation. But seems to me your system isset to login to the last used user. Untill you learn linux and a few commands for linux then the info I have read leads me to believe your youth of the operating system is the real issue.
To learn linux Ubuntu is very confusing to me. But I am sure you may learn Ubuntu. If you own the computer and you are unable to remove cache with a sudo command that tells me your the incorect user of that system. If you are unable to do many of the things people have asked tells me your logged in as the incorrect user.
If you had created a the users the linux way you would know every detail of each user. I wish you luck.
wipe it start over.
a friend put this on my system to prevent a security breach
Explain what "this" is. Are you saying a friend installed Ubuntu 14.04 on your computer? If that's the case, your friend would have had to create at least one user. A password would also have to be given for this user. This primary user would have root/admin privileges. In your case, I would expect that to be 'tara'. Basically, to have more than 'read' access outside your /home/user directory and to do such things as install software and change system configurations, you would need root privileges. For example, to use the Software Center to install new software, you would be prompted for this password. Did your friend give you the password used to create the user 'tara' and is that the primary user?
The guest account on Ubuntu 14.04 is there by default. When you boot Ubuntu, you should see the login page and at least user tara and guest. I have Ubuntu 14.04 installed and on the login page, I see the 2 users I created plus a guest account. When I click on the guest account to login there is a pop-up which states " All data created during the guest session will be deleted when you log out and settings will be reset to default. It also indicates that if you want to save data, you need to do that manually. So unless someone modified all this, the guest account is not going to damage anything. I'm not sure what would happen if someone logged in as guest and had the root password.
If you want to use the guest account, setting up is explained at the Ubuntu page below:
There are at least 4 unknown guests in my computer
If you had additional users, they would show up under the /home directory and your ls output posted above shows only 'tara' and 'guest'.
As far as removing programs, again your need to use your root password and you should be prompted for it when you try to install softwware from a terminal or from the Software Center. You would need to post more specific details on exactly what you did and what happened.
As a long-term user but no expert, I know what I would do if I were called upon to handle such a computer: I would save any important files or pictures to USB or other storage and reinstall Ubuntu 14.04. Installation is quite easy; you have already, in all these posts, done more complicated things than installing.
Once you do that, you will be entirely in charge as the sole owner/user.
As a long-term user but no expert, I know what I would do if I were called upon to handle such a computer: I would save any important files or pictures to USB or other storage and reinstall Ubuntu 14.04.
Yes, and that behaviour is like sticking your head in the sand: it teaches the user nothing.
Is RED HAT some sort of bug or something. I promise I will stop with this ridiculousness.
Quote:
59 Tara-Laptop NetworkManager[796]: <info> Loaded plugin ifupdown: (C) 2008 Canonical Ltd. To report bugs please use the NetworkManager mailing list.
Apr 6 21:35:59 Tara-Laptop NetworkManager[796]: <info> Loaded plugin keyfile: (c) 2007 - 2010 Red Hat, Inc. To report bugs please use the NetworkManager mailing list.
As a long-term user but no expert, I know what I would do if I were called upon to handle such a computer: I would save any important files or pictures to USB or other storage and reinstall Ubuntu 14.04. Installation is quite easy; you have already, in all these posts, done more complicated things than installing.
Once you do that, you will be entirely in charge as the sole owner/user.
I want to know who is doing this though. It is important if something is being done to access my audio apparatus'. I want to know who is doing this.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
I'm not seeing anything "outrageously suspicious" in that text file.
