:: Re: [DNG] Who remembers rootkit..
Top Page
Delete this message
Reply to this message
Author: m712
Date:  
To: dng
Subject: Re: [DNG] Who remembers rootkit..
This is not related to systemd. It sounds more like Xrandr and pulseaudio/alsa favoring your HDMI more than your laptop. The Linux kernel doesn't "know" about avahi daemon in the sense that there is no code for it in the Linux source tree. Did you ever log those HTTP requests by chance?

On October 21, 2018 1:10:27 PM GMT+03:00, Jimmy Johnson <field.engineer@???> wrote:
>On 10/21/18 1:19 AM, Andrew McGlashan wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>> Hi Rick,
>>
>> On 21/10/18 14:42, Rick Moen wrote:
>>> Quoting Jimmy Johnson (field.engineer@???):
>>>
>>>> Who remembers when rootkit hunter started showing problems and
>>>> Debian said they where false positive problems? I think it was
>>>> sometime during the development of Stretch. Well they fixed
>>>> rootkit hunter to not show those problems any longer and so goes
>>>> systemd, one BIG FAT security problem and has made security
>>>> software pretty much useless. At lest with a firewall and no
>>>> systemd you can stop kernel calls to get outside http or at lest
>>>> I can. I think it's to bad we have to live with a kernel that's
>>>> passing our activity to outside sources. I have this stuff
>>>> logged, it can't be denied.
>>
>> I think he means the callout by some systemd setup that does a http
>or
>> some other test for "connenctivity" ... perhaps it is more than that,
>> but that alone is a concern. It was suggested in /that/ thread to
>> which I think he is talking about, that the test should be to the
>> router or the first outside gateway from your local network.
>>
>> Anyways, I'm not too sure.
>>
>> Cheers
>
>Thanks for the post.
>
>I first noticed it while testing Stretch, I run a multimedia setup no
>problem with Jessie without systemd or wheezy, I was running a intel
>laptop HDMI to a big screen smart tv, the screen would go black and the
>
>audio would stop, I'm not the only on who has seen the problem as it's
>been mentioned on the Debian mailing list. Since then I have ran it on
>other systems, like Devuan, PCLinuxOS and Slackware too and have seen
>the the problem in real time while looking at the system log and I
>would
>see the kernel making calls to get a outside HTTP, I bring down my net
>connection and the kernel calls avahi daemon to bring it back up and
>make a HTTP connection, I stop avahi daemon and the kernel binds with
>the NIC and tries to get outside HTTP, that's where my firewall stops
>it. But the kernel keeps trying over and over and over endlessly to
>get
>outside HTTP and all this makes it imposable to watch my movie. Using
>the Intel laptop was convenient, but I got the idea to try my AMD
>nvidia
>desktop, I got the same kernel activity but no interference with
>audio/video, I'm now using ATI Radeon laptop, works the same as nvidia
>or maybe it's because their both AMD as I don't have nvidia or ATI
>running on a intel system that I can test.
>
>Questions?
>--
>Jimmy Johnson
>
>Slackware64 Current - KDE 4.14.38 - AMD A8-7600 - EXT4 at sda9
>Registered Linux User #380263
>
>_______________________________________________
>Dng mailing list
>Dng@???
>https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng


           m712
--
https://nextchan.org -- https://gitgud.io/blazechan/blazechan
I am awake between 3AM-8PM UTC, HMU if the site's broken