Choose style:

Author Topic: Have Ubuntu servers been hacked? [ReSOLVED]  (Read 2723 times)

0 Members and 1 Guest are viewing this topic.

Offline spence

  • Trusted User
  • Veteran
  • *****
  • Posts: 1918
  • Karma: 194
  • peppermint user since 2010
    • View Profile
    • My MeWe profile
  • Peppermint version(s): Peppermint 10
Have Ubuntu servers been hacked? [ReSOLVED]
« on: February 05, 2016, 01:59:40 pm »
I'm getting the following error whilst trying to decipher today's updates...

Code: [Select]
W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/pool/main/s/shadow/login_4.1.5.1-1ubuntu9.2_amd64.deb
  Could not resolve 'us.archive.ubuntu.com'


W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/pool/main/s/shadow/passwd_4.1.5.1-1ubuntu9.2_amd64.deb
  Could not resolve 'us.archive.ubuntu.com'

and earlier I received another warning about "this is your last chance to abort before accepting updates that can't be authenticated... which was worrisome given the three particular updates that are scheduled...  openssh-client, login and passwd

« Last Edit: February 07, 2016, 02:51:40 pm by spence »
spence
PeppermintOS 10 currently installed  on:
'16 Antec Aria rebuild
 '18 Asus VivoBook


Do not despair, grasshopper...
    with patience all will be revealed...
       Through pain, enlightenment will come.

Offline GNULINUX

  • Trusted User
  • Member
  • *****
  • Posts: 987
  • Karma: 311
    • View Profile
  • Peppermint version(s): Peppermint Six (x64)
Re: Have Ubuntu servers been hacked?
« Reply #1 on: February 05, 2016, 03:57:45 pm »
Got those same updates through Update Manager, no problems here... Could be a temporary connection problem?

If you visit following link in your browser do you get an index page?
Code: [Select]
http://us.archive.ubuntu.com/
If not, change your DNS servers to something else and try again.
Try Google DNS: 8.8.4.4 and 8.8.8.8

You could also try other (close to your location) Software Sources: Update Manager->Edit->Software Sources->Download from...

Hope this helps!  ;)
Peppermint 6  (x64)   -   Windows 7 Ultimate SP1  (x64)
Running different OS flavors in VirtualBox, just for fun!

Offline AndyInMokum

  • Global Moderator
  • Hero
  • *****
  • Posts: 4808
  • Karma: 1013
  • "Keep on Rockin' in the Free World"
    • View Profile
  • Peppermint version(s): PM 9 & PM 8 Respin-2 (64-bit)
Re: Have Ubuntu servers been hacked?
« Reply #2 on: February 05, 2016, 04:57:07 pm »
Same here, I received these updates.  I encountered no problems either, they all went through as smooth of silk.  I have changed my DNS settings to use: OpenDNS instead of the default ones used by my ISP.  The one recommended by, perknh is from: NortonTM ConnectSafe.  The OpenDNS settings are: 208.67.222.222 and 208.67.220.220
Backup! Backup! Backup! If you're missing any of these -  you ain't Backed Up!
For my system info please L/click HERE.

Offline VinDSL

  • Global Moderator
  • Hero
  • *****
  • Posts: 5445
  • Karma: 957
  • Peppermint Mod
    • View Profile
  • Peppermint version(s): Developmental Builds
Re: Have Ubuntu servers been hacked?
« Reply #3 on: February 05, 2016, 05:39:49 pm »
Lagging out on a couple of hops, but it's accessible from my corner of the state ...   ;)

Code: [Select]
╭─vindsl@Azrun ~  
╰─➤  traceroute us.archive.ubuntu.com -n
traceroute to us.archive.ubuntu.com (91.189.91.14), 30 hops max, 60 byte packets
 1  10.0.0.1  0.613 ms  0.867 ms  1.121 ms
 2  67.40.227.66  27.857 ms  27.951 ms  29.097 ms
 3  75.160.238.9  30.633 ms  31.930 ms  32.799 ms
 4  67.14.30.130  93.574 ms  95.108 ms  96.777 ms
 5  65.120.117.250  99.009 ms  101.259 ms  102.326 ms
 6  63.251.128.109  103.404 ms  104.448 ms  105.636 ms
 7  66.151.237.82  105.495 ms  84.687 ms  86.071 ms
 8  91.189.91.14  93.931 ms  93.786 ms  91.936 ms
╭─vindsl@Azrun ~ 
╰─➤ 

Offline perknh

  • Trusted User
  • Hero
  • *****
  • Posts: 3876
  • Karma: 303
  • Soy un huevo, nada más.
    • View Profile
  • Peppermint version(s): Peppermint 10
Re: Have Ubuntu servers been hacked?
« Reply #4 on: February 05, 2016, 05:44:41 pm »
These are the settings from Norton's SafeConnect:

Spoiler (click here to view / hide)
The following three pre-defined content filtering policies are available for home and personal use:

Policy 1: Security (199.85.126.10 and 199.85.127.10) This policy blocks all sites hosting malware, phishing sites, and scam sites. To use Policy 1, you should configure the DNS settings of your home router or Web-enabled device to use the following Norton ConnectSafe IP addresses: 199.85.126.10 and 199.85.127.10.

Policy 2: Security + Pornography (199.85.126.20 and 199.85.127.20) In addition to blocking unsafe sites, this policy also blocks access to sites that contain sexually explicit material. To use Policy 2, you should configure the DNS settings of your home router or Web-enabled device to use the following Norton ConnectSafe IP addresses: 199.85.126.20 and 199.85.127.20.

Policy 3: Security + Pornography + Other (199.85.126.30 and 199.85.127.30) In addition to blocking unsafe sites and pornography sites, this policy also blocks access to sites that feature mature content, abortion, alcohol, crime, cults, drugs, gambling, hate, sexual orientation, suicide, tobacco or violence. To use Policy 3, you should configure the DNS settings of your home router or Web-enabled device to use the following Norton ConnectSafe IP addresses: 199.85.126.30 and 199.85.127.30.
[close]

I've had good luck, believe it or not, Yandex's DNS too, but after doing the DNS Nameserver Spoofability Test from Gibson Research Corporation, I've seen that ConnectSafe ignores an external ping --something I don't think Yandex DNS service does.

Still, I might as well give the link for Yandex DNS too.  It works pretty well too.  And thinking of rajeev2631007 from an earlier thread, Yandex has a setting for child safety too. ;)

https://dns.yandex.com



We're all Peppermint users and that's what matters  ;).  -- AndyInMokum

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 26290
  • Karma: 2855
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 10
Re: Have Ubuntu servers been hacked?
« Reply #5 on: February 06, 2016, 06:12:10 am »
I also got the updates without issue, but then I'm on the gb servers.

I doubt if it's a "hacking" problem .. just one of those things where they become inaccessible for a short while for whatever reason (server load/dns resolution/isp caching/etc.)
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline VinDSL

  • Global Moderator
  • Hero
  • *****
  • Posts: 5445
  • Karma: 957
  • Peppermint Mod
    • View Profile
  • Peppermint version(s): Developmental Builds
Re: Have Ubuntu servers been hacked?
« Reply #6 on: February 06, 2016, 09:37:20 am »
Normally I use mirrors for Ubu upgrades, but ...

I just did an incremental update using the "Server for United States" repo and it was unremarkable.

Heh !  Have we beat this one to death yet ?   :D

Offline VinDSL

  • Global Moderator
  • Hero
  • *****
  • Posts: 5445
  • Karma: 957
  • Peppermint Mod
    • View Profile
  • Peppermint version(s): Developmental Builds
Re: Have Ubuntu servers been hacked?
« Reply #7 on: February 06, 2016, 10:07:05 am »
I doubt if it's a "hacking" problem .. just one of those things where they become inaccessible for a short while for whatever reason (server load/dns resolution/isp caching/etc.)

LoL !  I used to have an ISP that set the TTL on their DNS cache to (like) a week.

Used to drive me crazy.  I'd change something at 1&1 or Dotster and it would propagate around the world within an hour or two.  Some places would take a day or two.  At my ISP, it would take a week or two.  Many times I had to call my ISP and tell them to update their damn cache.

I *think* spence lives south of me, here in AZ.  If he's using a name server at a mom n' pop ISP, like I did up north, that could be the prob.

Maybe Canonical changed something, and it just took a while to filter down to him.

Just saying ...

Offline spence

  • Trusted User
  • Veteran
  • *****
  • Posts: 1918
  • Karma: 194
  • peppermint user since 2010
    • View Profile
    • My MeWe profile
  • Peppermint version(s): Peppermint 10
Re: Have Ubuntu servers been hacked?
« Reply #8 on: February 07, 2016, 02:51:12 pm »
Yes VinDSL I live south of you in the undeclared Peoples Republic of Baja Arizona...  8)
My isp is Cox Communications, sole available option in our neighborhood, aside from overpriced satellite service. Cox was having a PRBA wide system failure that morning... which resolved later in the day. I'd never before received a warning from the update software about "accepting updates which could not be authenticated" and given the nature of the three updates previously listed, I became alarmed...  >:(
« Last Edit: February 07, 2016, 07:07:25 pm by spence »
spence
PeppermintOS 10 currently installed  on:
'16 Antec Aria rebuild
 '18 Asus VivoBook


Do not despair, grasshopper...
    with patience all will be revealed...
       Through pain, enlightenment will come.

Offline VinDSL

  • Global Moderator
  • Hero
  • *****
  • Posts: 5445
  • Karma: 957
  • Peppermint Mod
    • View Profile
  • Peppermint version(s): Developmental Builds
Re: Have Ubuntu servers been hacked? [ReSOLVED]
« Reply #9 on: February 07, 2016, 04:39:20 pm »
Oh, okay ...

Packet routing issue, a janky edge router, or whatevs.  If that's the case, changing DNS servers won't do jack.  You won't be able to contact them anyway (arguably).

I had a similar, ongoing problem at my former ISP.  The whole system would go down nightly, around 2 AM.  Wiped AZ customers off the grid.

They only had one person working at the noc, at night, and if he wasn't paying attention to the monitors, we'd be down for hours.

To make the situation worse, there was no telephone tech support outside their regular business hours, only email.

They finally gave me the phone number for the noc (no bull) so I could call it directly.  Looking back, it was funny as hell, but not so funny at the time, believe me.

Anyway, it took them months to find the flaky edge router.  It never did go belly-up.  It would just spaz out every night. 

Turned out it was somewhere over in Cali, at one of their vendors.  After they replaced it, I never had another problem.

EDIT

As fate would have it, I spent the last two hours shredding docs, and the rascals billing receipts were in the pile.

This is the mom n' pop I was using in the Valley:  http://www.cybertrails.com/  (noc was on Lone Cactus Dr)

Why did I go with them, you might ask ?!?!  They were offering *free* dial-up as an enticement to signup, which was crucial to me, at the time.
« Last Edit: February 07, 2016, 06:58:04 pm by VinDSL, Reason: Addendum »

Offline spence

  • Trusted User
  • Veteran
  • *****
  • Posts: 1918
  • Karma: 194
  • peppermint user since 2010
    • View Profile
    • My MeWe profile
  • Peppermint version(s): Peppermint 10
Re: Have Ubuntu servers been hacked? [ReSOLVED]
« Reply #10 on: February 07, 2016, 07:09:37 pm »
DIAL_UP?? aaaaaaaaaaaaaaaiiiiiiiiiiiiiiiiiiiiieeeeeeeeeeeeeeeeeee     :o
spence
PeppermintOS 10 currently installed  on:
'16 Antec Aria rebuild
 '18 Asus VivoBook


Do not despair, grasshopper...
    with patience all will be revealed...
       Through pain, enlightenment will come.

Offline VinDSL

  • Global Moderator
  • Hero
  • *****
  • Posts: 5445
  • Karma: 957
  • Peppermint Mod
    • View Profile
  • Peppermint version(s): Developmental Builds
Re: Have Ubuntu servers been hacked? [ReSOLVED]
« Reply #11 on: February 08, 2016, 06:12:03 am »
IKR

Pre-WiFi (on the road).  Remember those days ?!?!?    :)

ADSL was spotty in this area.  I was 16,000 ft. from the CO on a crappy loop.  When it went down, I had to revert to dialup.

My account got red-flagged once, for running web servers out of my house.  Qwest said it was against the EULA.  An AOL "free trial" account got me through that period.

To this day, dialup still works great, in a pinch.  All you need is a patch cord and a phone jack (landline).

If you have a scanner and a printer, dialup modems will allow you to send and receive FAX transmissions.

Also, you can setup private networks (with your crew) over dialup, free from NSA snooping.  LoL !   :D

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 26290
  • Karma: 2855
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 10
Re: Have Ubuntu servers been hacked? [ReSOLVED]
« Reply #12 on: February 08, 2016, 10:07:28 am »
CitizenFour might disagree with that last statement ;)
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec