Mike C wrote:
LMH wrote:
JD wrote:
LMH wrote:
Mike C wrote:
LMH wrote:
I currently have seamonkey 2.4.1 installed and it is possible that I
have had a security breach. I would like to re-install seamonkey,
but I
need to be able to do that without losing my profiles (which are
stored
on another drive from the seamonkey install folder).
Is there a tutorial on how to do this without needing to re-import
everything, which is a pain.
LMH
Your existing profiles may contain something you don't want.
Copying them and then putting them into a new installation may just
transfer the problem. (What IS the problem?)
You should be able to reinstall a new SM right over the old one.
BUT....I would create a new profile first and see if all is Ok there.
Mozbackup is a GREAT program. I've been using is for about 8 years!
It will back up your profile files instead of you doing it manually.
It will then restore the files to the new installation.
BUT... You need to explain what you mean by "security breach"?
Does someone know your passwords?
Do you have malware or a virus?
Is it only SM that's affected?
One of the reasons I use seamonkey is that it allows me to keep my
profiles in any location I designate. I have my profiles in a location
outside the seamonkey install directory, and off of the C: drive. These
folders are backed up every night along with all of my other data
(using
rsync). If I restore my OS from an image, or something like that, my
email and browser are usually not affected. The same goes for a full
re-install of windows.
I haven't used mozbackup because I try to avoid relying on additional
applications. My experience has been that simple file to file backups
are the most dependable. All that said, using mozbackup in the manner
suggested would not compromise the redundancy already in place. Worst
case, I can always re-import my profiles, so I don't mind trying other
solutions. I wish that seamonkey had a simpler import tool, like point
to a folder and say "import this one", instead of running from the
command line and all that.
I have a credit card that I use for online purchases only. That card
recently had a string of fraudulent charges run up on it, all of which
were online purchases from sites in Europe. My bank caught the charges
and flagged them as suspicious, so they never got past the pending
state. The charges have been canceled, along with the card. I am going
through some due diligence to make sure my system here hasn't been
compromised. Since these were online purchases, who ever used the card
would have needed to know the card number, name as printed on the card,
expiration date, card security number, and the entire correct billing
address. The two easiest places to acquire this data are from one of
the
emerchants I made purchases from, or from my browser. There are very
few
emerchants I do business with, and most of them are very reputable
(newegg, amazon, etc), but I still think an emerchant is the most
likely
source. Still, I think it makes sense to look at my browser.
It would be nice if there was a way to scan all of the browser
components and do an MD5SUM to confirm that all of the .exe, .dat, and
.dll files are unmodified. I'm not sure where to look in the profile
folders to see if anything is amiss.
LMH
What programs do you have to scan for spyware? That's a pretty good way
to take a look at the security of your browser.
I normally run Zone Alarm ISS (firewall and AV) and also have spybot SSD
installed. Along with a sofaware firewall router with AV, this has
always been enough.
I have run a full malware sweep based on the protocol recommended by
MajorGeeks (Super AntiSpyware, Malwarebytes, ComboFix, RootRepeal,
MGtools). Nothing was found in the sweep.
The fraud investigator at my bank said that it is unlikely that my
system is compromised. He said that some of the charges were rejected
because the all of the information given didn't match the card number.
He said that this was most likely a hacker trying random 16 digit
account numbers and random expiration dates. They keep trying
combinations by testing on small charges ($3 or less) until they get
something that authorizes. Once they have the combination they sell it.
Some places don't check if all of the data matches and just get an
authorization for the amount charged. Most of the places where the
number was used did check everything and canceled the order. It doesn't
look like anything got into my system here, otherwise they would have
had all of the information needed to use the card and not just the
number and expo date.
LMH
If SM is clean, go ahead and back it up with MozBackup.
Backup is simple and restoring is simple.
The reason I don't use MozBackup is that my email and web profile
content changes on a daily basis. I back up my profile folders on a
daily basis using rsync, like I back up all of my data.
I suppose MozBackup makes sense as a backup tool to use before a
re-install, but unless you run it every day, you will lose data when you
restore. It still makes no sense to me why there isn't a Tools > import
> import profile function to just point to a directory with a profile
and import it. That function seems to exist, since you can run seamonkey
from the command line with an import flag, so why is the function
restricted to the command line? If I remember right, you have to create
the profile first, but exit SM without trying to open the profile. Then
you have to run SM from the command line with the import flag and select
the dummy name as the profile you are importing to. I also think that
you have to import the profile from a different location than the actual
profile is stored. What in the world is wrong, "the profile is located
here", just add it to the list? I don't think that much of anything is
done other than just adding an entry to the Application Data
profiles.ini file, so why all the gymnastics? This always seems to be
much more complicated than it needs to be.
Since my profile folders won't get touched in the re-installation, is
there some reason why I can't just copy the existing profiles.ini file
and paste it into the folder after the re-install?
LMH
_______________________________________________
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey
