Knoppix malware?

Discussion in 'Computer Security' started by sadielucas, Jul 19, 2011.

  1. sadielucas

    I'm a Tulane EE in grad school. I built my first PC at 3 1/2 years. I also have 20+ years' experience with my family's computer service firm. Enterprise systems and data farms are my passion. I KNOW malware when I see it.

    I am running the latest Knoppix Live, using WiFi, and the malware (or whatever) consistently returns. This code has disabled six PCs with various OSs complete with all the updates: XP, XP64, Vista, 7, Debian, Knoppix, Ubuntu... Using a script to configure ipchains to disable access from the outside is futile - the malcontent tunnels through the firewall and performs its dirty work.

    I disconnected the hard disks and simply use two cdroms for the live cds. I use the box until it is disabled by the malware, remove the CMOS battery and clear the CMOS, download a fresh copy of a live distribution with a clean(?) Mac, install a new motherboard, processor and memory. The same result ALWAYS happens in a very short time (with the Windows PCs, the box was disabled in 15 seconds).

    DNS is screwed, ubiquitous scripts are run that change commands, man info, menus, keyboard strokes, file listings on cds... the list goes on. Any thoughts? Thank you in advance.

    By the way, it IS possible for the OS to change CMOS settings running Knoppix from a cd: last night the processor fan was disabled and the processor voltage increased until the chip released the pungent odor of burning electrical components. I thought it was my mistake and set up another PC with four fans glued to one another and a huge copper heat sink (cooling fins >4"). I set the processor temp to 100 degrees Fahrenheit - the contraption sounded like a prop plane. The same result - disabled CPU fan and increased CPU voltage. Ah, the pungent, and not fragrant, aroma of burnt silicone.

    Also the Knoppix CD provides a utility for writing to CMOS, BIOS and whatever chips. I have a log script that calls for a hack of the CMOS password, changes settings, and writes code to the chip.

    This is not a delusion. I have voluminous amounts of log files and scripts that appear to be from other sources than the software publishers. Any help would be appreciated. My dad (35 years in the business) has never witnessed such behavior.

    Sadie
     
    sadielucas, Jul 19, 2011