Re: Am I infected with a rootkit?

2023-04-19 Thread Jesper Dybdal
On 2023-04-18 21:35, David Christensen wrote: On 4/18/23 06:43, Jesper Dybdal wrote: On 2023-04-16 14:19, I wrote: ... And there in the bash history were 4 lines that I had not written :-( To summarize: * Greg has convincingly argued that there is no way for the running shell to get

Re: Am I infected with a rootkit?

2023-04-18 Thread David Christensen
On 4/18/23 06:43, Jesper Dybdal wrote: On 2023-04-16 14:19, I wrote: ... And there in the bash history were 4 lines that I had not written :-( To summarize: * Greg has convincingly argued that there is no way for the running shell to get those lines into its history, other than by issuing

Re: Am I infected with a rootkit?

2023-04-18 Thread Andy Smith
Hello, On Tue, Apr 18, 2023 at 06:22:16PM +0200, Michel Verdier wrote: > I recently learned the ctrl-r key which launches a regex search in > history. It's more powerful than ! as it searches the full > lines so not only commands but also parameters. Now step in to the late 2010s and look into "fzf"

Re: Am I infected with a rootkit?

2023-04-18 Thread Michel Verdier
On 18 April 2023 songbird wrote: > i like to start with a known state including the shell history > so upon starting up a terminal i determine what commands i want > in the history by detecting which directory i'm in (which tells > me which project i'm working on). it's very easy then for

Re: Am I infected with a rootkit?

2023-04-18 Thread songbird
wrote: ... > Definitely. I just pointed that out as a request for discussion. > Perhaps this isn't portable across shells or even different > versions of bash. So caveat emptor :) > > Cheers and thanks -- I didn't know about HISTTIMEFORMAT before! just as an aside for those who think about

Re: Am I infected with a rootkit?

2023-04-18 Thread Charles Curley
On Tue, 18 Apr 2023 22:07:16 +0800 Jeremy Ardley wrote: > The only way to be sure you are secure is to check the client list on > the router. If you have something you don't recognise then that may > be an intruder. You might also look into arpwatch and arpalert. -- Does anybody read

Re: Am I infected with a rootkit?

2023-04-18 Thread Jeremy Ardley
On 18/4/23 21:36, Jesper Dybdal wrote: Is it secured with wpa2? Yes.  The password is not easy to guess, and the neighbors do not know it.  I think (but I may remember that incorrectly) that I checked the log file in the access point and found nothing suspicious. Coincidentally I was

Re: Am I infected with a rootkit?

2023-04-18 Thread Jesper Dybdal
On 2023-04-18 10:25, Richmond wrote: It's a long shot, but does either computer have wifi? Those two computers do not, but the LAN they're connected to does have a WiFi access point.  So yes, if anybody could access the LAN through the WiFi and find a security hole in Windows to exploit,

Re: Am I infected with a rootkit?

2023-04-18 Thread Jesper Dybdal
On 2023-04-18 07:29, David wrote: On Tue, 18 Apr 2023 at 04:42, David Wright wrote: There is an option to timestamp entries in the history file. I've never used it, nor heard of its being used. That might disambiguate things if you ever suspect it might happen again. Hi, on my machines I use

Re: Am I infected with a rootkit?

2023-04-18 Thread Jesper Dybdal
On 2023-04-16 14:19, I wrote: ... And there in the bash history were 4 lines that I had not written :-( To summarize: * Greg has convincingly argued that there is no way for the running shell to get those lines into its history, other than by issuing them over the ssh connection. * We can

Re: Am I infected with a rootkit?

2023-04-18 Thread tomas
On Tue, Apr 18, 2023 at 11:59:58AM +, David wrote: > On Tue, 18 Apr 2023 at 07:51, wrote: > > On Tue, Apr 18, 2023 at 05:29:43AM +, David wrote: [...] > > > The colon and semicolon allow the timestamp > > > to function as a no-operation command. > > > > At least in bash, this doesn't

Re: Am I infected with a rootkit?

2023-04-18 Thread David
On Tue, 18 Apr 2023 at 07:51, wrote: > On Tue, Apr 18, 2023 at 05:29:43AM +, David wrote: > > On Tue, 18 Apr 2023 at 04:42, David Wright wrote: > > > There is an option to timestamp entries in the history file. I've > > > never used it, nor heard of its being used. That might disambiguate >

Re: Am I infected with a rootkit?

2023-04-18 Thread tomas
On Tue, Apr 18, 2023 at 11:51:42AM +0100, debian-u...@howorth.org.uk wrote: > wrote: [...] > > At least in bash, this doesn't seem necessary, as you are > > only seeing an external representation: internally, bash > > keeps the timestamp separate (as happens to the seq number, > > too). > > >

Re: Am I infected with a rootkit?

2023-04-18 Thread debian-user
wrote: > On Tue, Apr 18, 2023 at 05:29:43AM +, David wrote: > > On Tue, 18 Apr 2023 at 04:42, David Wright > > wrote: > > > There is an option to timestamp entries in the history file. I've > > > never used it, nor heard of its being used. That might > > > disambiguate things if you ever

Re: Am I infected with a rootkit?

2023-04-18 Thread Richmond
It's a long shot, but does either computer have wifi? Is it secured with wpa2?

Re: Am I infected with a rootkit?

2023-04-18 Thread tomas
On Tue, Apr 18, 2023 at 05:29:43AM +, David wrote: > On Tue, 18 Apr 2023 at 04:42, David Wright wrote: > > > There is an option to timestamp entries in the history file. I've > > never used it, nor heard of its being used. That might disambiguate > > things if you ever suspect it might

Re: Am I infected with a rootkit?

2023-04-17 Thread David
On Tue, 18 Apr 2023 at 04:42, David Wright wrote: > There is an option to timestamp entries in the history file. I've > never used it, nor heard of its being used. That might disambiguate > things if you ever suspect it might happen again. Hi, on my machines I use Bash as interactive shell,

Re: Am I infected with a rootkit?

2023-04-17 Thread David Wright
On Sun 16 Apr 2023 at 16:39:13 (+0200), Jesper Dybdal wrote: > On 2023-04-16 16:33, David Wright wrote: > > On Sun 16 Apr 2023 at 14:19:34 (+0200), Jesper Dybdal wrote: > > > The 4 lines were: > > > > md5users > > > > sp md5users > > > > sp /x/md5users > > > > ps /x/md5users > > > > > Just FTR

Re: Am I infected with a rootkit?

2023-04-17 Thread Tim Woodall
On Mon, 17 Apr 2023, Stefan Monnier wrote: That said, using one computer as router, firewall, file server, name server, web server, and more represents "all of your eggs in one basket". I suggest using dedicated hardware for networking, network segmentation (e.g. DMZ), and kernel or hypervisor

Re: Am I infected with a rootkit?

2023-04-17 Thread Stefan Monnier
> That said, using one computer as router, firewall, file server, name server, > web server, and more represents "all of your eggs in one basket". I suggest > using dedicated hardware for networking, network segmentation (e.g. DMZ), > and kernel or hypervisor compartmentalization of services.

Re: Am I infected with a rootkit?

2023-04-17 Thread Curt
On 2023-04-16, Jesper Dybdal wrote: > > On 2023-04-16 15:08, Greg Wooledge wrote: >> On Sun, Apr 16, 2023 at 02:19:34PM +0200, Jesper Dybdal wrote: >>> And there in the bash history were 4 lines that I had not written :-( >> I would initially ask "who else lives with you" > > So would I - if

Re: Am I infected with a rootkit?

2023-04-17 Thread Michel Verdier
On 17 April 2023 David Christensen wrote: > That said, using one computer as router, firewall, file server, name server, > web server, and more represents "all of your eggs in one basket". I suggest > using dedicated hardware for networking, network segmentation (e.g. DMZ), and > kernel or

Re: Am I infected with a rootkit?

2023-04-16 Thread David Christensen
On 4/16/23 05:19, Jesper Dybdal wrote: I have a Debian pc functioning as router, firewall, file server, name server, webserver, ... It has very recently been upgraded to Bullseye. On the internal network I have a Windows 10 pc. And there in the bash history were 4 lines that I had not

Re: Am I infected with a rootkit?

2023-04-16 Thread Jesper Dybdal
On 2023-04-16 19:35, Thomas Schmitt wrote: Hi, to make this mail on-topic: Jesper Dybdal, do you see the riddling lines in file ~/.bash_history of the superuser ? Yes. If so: Do you see other strange lines there ? (Do they give more clue ?) No.  I stupidly did not save the rest of

Re: Am I infected with a rootkit?

2023-04-16 Thread David Wright
On Sun 16 Apr 2023 at 19:35:20 (+0200), Thomas Schmitt wrote: > > Jesper Dybdal, do you see the riddling lines in file ~/.bash_history > of the superuser ? > If so: Do you see other strange lines there ? (Do they give more clue ?) > > > A bit less on-topic: > > Greg Wooledge wrote: > > Bash

Re: Am I infected with a rootkit?

2023-04-16 Thread Thomas Schmitt
Hi, to make this mail on-topic: Jesper Dybdal, do you see the riddling lines in file ~/.bash_history of the superuser ? If so: Do you see other strange lines there ? (Do they give more clue ?) A bit less on-topic: Greg Wooledge wrote: > Bash doesn't read the contents of the history file into

Re: Am I infected with a rootkit?

2023-04-16 Thread Michel Verdier
On 16 April 2023 Jesper Dybdal wrote: > The question then remains: what to do with the Windows system before I dare > run a root ssh session from that machine again?  Perhaps restore a backup, but > from when? As you don't know *how* you can't guess *when* and should reinstall from scratch.

Re: Am I infected with a rootkit?

2023-04-16 Thread Jesper Dybdal
On 2023-04-16 17:57, Greg Wooledge wrote: On Sun, Apr 16, 2023 at 04:30:51PM +0200, Jesper Dybdal wrote: My .bashrc has: export HISTCONTROL=ignoreboth and that's all.  And your description of the default behaviour matches what I experience with bash. There is simply no scenario where all of

Re: Am I infected with a rootkit?

2023-04-16 Thread Greg Wooledge
On Sun, Apr 16, 2023 at 04:30:51PM +0200, Jesper Dybdal wrote: > On 2023-04-16 15:08, Greg Wooledge wrote: > > (Have you altered root's bash history configuration on that Debian system? > > If so, how?) > My .bashrc has: > > export HISTCONTROL=ignoreboth > > and that's all.  And your description

Re: Am I infected with a rootkit?

2023-04-16 Thread Michel Verdier
On 16 April 2023 Jesper Dybdal wrote: >> Perhaps a bot trying to execute some commands. As they do not apply to >> debian your debian machine should not be compromised. > Unless the malware on the windows machine is smart enough to use my secret key > and decrypt it with a password retrieved

Re: Am I infected with a rootkit?

2023-04-16 Thread Michel Verdier
On 16 April 2023 Greg Wooledge wrote: > Do you mean that if you open two simultaneous bash sessions, and type > a command into Session A, that it immediately appears in the history > of Session B? (Or, immediately after hitting Enter in Session B, maybe.) Ok I understand. I was meaning bash

Re: Am I infected with a rootkit?

2023-04-16 Thread tomas
On Sun, Apr 16, 2023 at 04:39:13PM +0200, Jesper Dybdal wrote: > > On 2023-04-16 16:33, David Wright wrote: > > On Sun 16 Apr 2023 at 14:19:34 (+0200), Jesper Dybdal wrote: > > > The 4 lines were: > > > > md5users > > > > sp md5users > > > > sp /x/md5users > > > > ps /x/md5users > > > > > Just

Re: Am I infected with a rootkit?

2023-04-16 Thread Jeffrey Walton
On Sun, Apr 16, 2023 at 10:08 AM Jesper Dybdal wrote: > ... > In the long term, now that I'm retired, I hope to drop Windows > completely - but not quite today :-). ++ My family went Windows-free about 2014. Grandparents, parents and me are all using Linux. I cut them over to Linux because of

Re: Am I infected with a rootkit?

2023-04-16 Thread Jesper Dybdal
On 2023-04-16 16:33, David Wright wrote: On Sun 16 Apr 2023 at 14:19:34 (+0200), Jesper Dybdal wrote: The 4 lines were: md5users sp md5users sp /x/md5users ps /x/md5users Just FTR and clarity's sake, are the "> " characters (which my MUA has unhelpfully doubled by quoting) part of what

Re: Am I infected with a rootkit?

2023-04-16 Thread David Wright
On Sun 16 Apr 2023 at 14:19:34 (+0200), Jesper Dybdal wrote: > And there in the bash history were 4 lines that I had not written :-( > > I am certain that nobody had been in my apartment while I was gone. > And even if they had, nobody with a key to my apartment would dream of > writing things

Re: Am I infected with a rootkit?

2023-04-16 Thread Jesper Dybdal
On 2023-04-16 15:08, Greg Wooledge wrote: On Sun, Apr 16, 2023 at 02:19:34PM +0200, Jesper Dybdal wrote: And there in the bash history were 4 lines that I had not written :-( I would initially ask "who else lives with you" So would I - if I didn't know that the few people with physical

Re: Am I infected with a rootkit?

2023-04-16 Thread Jesper Dybdal
On 2023-04-16 14:59, Michel Verdier wrote: On 16 April 2023 Jesper Dybdal wrote: I have scanned the Windows machine with two antivirus tools (Windows defender and Malwarebytes). Can you use clamav on windows ? I hadn't thought of that. I'll check. modules.dep modules.devname

Re: Am I infected with a rootkit?

2023-04-16 Thread Jesper Dybdal
On 2023-04-16 14:40, Eduardo M KALINOWSKI wrote: On 16/04/2023 09:19, Jesper Dybdal wrote: And there in the bash history were 4 lines that I had not written :-( I am certain that nobody had been in my apartment while I was gone. And even if they had, nobody with a key to my apartment would

Re: Am I infected with a rootkit?

2023-04-16 Thread Greg Wooledge
On Sun, Apr 16, 2023 at 03:11:07PM +0200, Michel Verdier wrote: > I don't remember changing default for that and my bash shares between > sessions. (NOTE: this is NOT the OP!) (Deletes a whole reply.) OK, not-the-OP... your statement that bash "shares between sessions" is extremely ambiguous.

Re: Am I infected with a rootkit?

2023-04-16 Thread Michel Verdier
On 16 April 2023 Eduardo M. KALINOWSKI wrote: > Which shell do you use, and how is it configured? Note that bash by default > does not share history between sessions, so even if someone logged in as root > (via other ssh session) and typed them, they would not appear in your ssh > session. I

Re: Am I infected with a rootkit?

2023-04-16 Thread Greg Wooledge
On Sun, Apr 16, 2023 at 02:19:34PM +0200, Jesper Dybdal wrote: > The windows machine had an ssh connection to the Debian machine (using > PuTTY), logged in as root on the Debian machine. > I then went for a walk with the dog, leaving the ssh session running. > When I came back, I wanted to

Re: Am I infected with a rootkit?

2023-04-16 Thread Michel Verdier
On 16 April 2023 Jesper Dybdal wrote: > I have scanned the Windows machine with two antivirus tools (Windows defender > and Malwarebytes). Can you use clamav on windows ? >> modules.dep >> modules.devname >> modules.symbols.bin >> modules.symbols >> modules.builtin.bin >> modules.alias.bin

Re: Am I infected with a rootkit?

2023-04-16 Thread Eduardo M KALINOWSKI
On 16/04/2023 09:19, Jesper Dybdal wrote: And there in the bash history were 4 lines that I had not written :-( I am certain that nobody had been in my apartment while I was gone. And even if they had, nobody with a key to my apartment would dream of writing things like the 4 lines that I

Am I infected with a rootkit?

2023-04-16 Thread Jesper Dybdal
I have a Debian pc functioning as router, firewall, file server, name server, webserver, ... It has very recently been upgraded to Bullseye. On the internal network I have a Windows 10 pc. A few days after the Debian upgrade, I had the following strange experience: The windows machine had an