I had a very annoying control freak systems administrator some years back working on systems I owned, but he sought absolute control so he changed passwords everywhere. He could not understand how message-of-the-day or banner would continue to change. To my amusement never mentioned to me the "security breaches". He never saw that I had a Zebedee reverse tunnel connecting to the Unix server's telnet running out on port 443 out my own external server. Then noticed that in /etc/passwd there was another login with 0:0 root permissions. None of his changes to passwords, including root, or fiddling with the router could lock me out and of my control. About the only way I can see that your scenario of entry into a system is that an old machine is running a reverse tunnel. I doubt passwords were ever cracked. If I had all those breaches described and a mysterious Tor on my network I think I'd need to check I was taking my tablets Gerry Dr Gerry Bulger -----Original Message----- From: tor-relays [mailto:tor-relays-bounces@lists.torproject.org] On Behalf Of Andrea Sent: 30 May 2016 07:58 To: tor-relays@lists.torproject.org Subject: Re: [tor-relays] I'm Running A Tor Exit Node And NEVER Initiated It I suggest a clean install of your computers and your smartphones. For your smartphone: don't use the factory reset, make sure that its firmware gets flashed. Most viruses or malware don't wait within your computer's bios for a new opportunity. Don't allow "autostart" for usb sticks or other data storages. Use cds or dvds provided by someone you trust to check on your computers and then do a clean install. If you need any advice mail me off list. Maybe I can help with this. ~Andrea On 5/30/2016 12:23 AM, Percy Blakeney wrote:
I did just that. TWICE. I now have a total of 5 phones, 3 laptops, 2 desktops 2 printers, and I'm now on my third router/modem. Whomever, whatever this is knows how to get into the firmware. I know this sounds crazy but it's true. I'd give anything for someone to come here and see for themselves.
On Sun, May 29, 2016 at 3:53 PM, Mirimir <mirimir@riseup.net <mailto:mirimir@riseup.net>> wrote:
On 05/29/2016 10:27 AM, Percy Blakeney wrote: > Whomever is and has been behind this is selective with what I can and can't > see. I KNOW our electronics are and have been controlled since we moved > here January 2014. I know this because at one time "they" were interacting > with me on via my desktop. I was asked if "they" could run a d-bus session > on another computer I have connected. Not knowing what a d-bus session was > "they" gave me a step by step run down on how to do it. I did what "they" > asked because it was kind of exciting. Now in retrospect it's more scary > than anything else. ...
Given what you've said, you might want to replace all of your electronics. The router, and all computers and other devices that have been connected to it, through wires or WiFi. Maybe also change ISP.
That may seem extreme. For computers, it might be sufficient to replace HDDs/SSDs. But smartphones, you should just replace entirely. The concern is that malware can be hidden in other components, not just in HDDs/SSDs.
Also, be very careful about transferring files from old machines. If you must, transfer individual files, not entire folders. Ideally, you would scan each file for malware in an intermediate throwaway machine, running a different OS. Maybe OSX, if your other machines are Windows and Linux. Or Windows, if your other machines are OSX and Linux. You can use USB flash drives. But use a given one only for a given pair of machines, to reduce the risk of transferring malware.
<SNIP>
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org <mailto:tor-relays@lists.torproject.org> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays