:: Re: [DNG] Who remembers rootkit..
Top Page
Delete this message
Reply to this message
Author: Jimmy Johnson
Date:  
To: dng
Subject: Re: [DNG] Who remembers rootkit..
On 10/21/18 2:13 PM, eric wrote:
> On 10/21/18 11:54 AM, Jimmy Johnson wrote:
>> On 10/21/18 6:24 AM, Andrew McGlashan wrote:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA256
>
>>
>> The smart tv has wifi, like all this smart stuff we have today, if the
>> HDMI cable has internet, I doubt it, just audio and video.
>>
>> Just so everybody knows the laptop for multimedia, amd radeon has a
>> new from scratch install of ASCII, I've let it set overnight with a
>> movie on pause and the log is open and running live and while I've had
>> the net down the log says:eth0 link down, receive packet failed,
>> dhclent failed to send 300 byte long packet over fallback
>> interface(what fallback interface?), and last is send_packet: please
>> consult README file regarding broadcast address.
>>
>> That was the last log, since I brought the net down and it's much,
>> much quieter and seems to be behaving its self and my audio/video seem
>> to be perfect.  I have a computer to repair, a laptop with no power,
>> as I suffer spine & nerve damage & constant pain it maybe a all day
>> job.  So I will be checking comments when I can.  But for ASCII and it
>> seems to be behaving its self, that is great, with the intel its
>> behavior was crazy.
>>
>> Thanks,
>
> Hello Mr. Jimmy Johnson,
>
> I am just a casual GNU/Linux user who is very much interested in the
> Devuan project and I know next to nothing about networking and
> firewalls. I just use what the default is on installation.
>
> I just wanted to ask what log you are viewing and the method you are
> using to view the log file.
>
> I would like to check what kind of messages are being generated on my
> system.
>
> Thank you,
>
> Eric



First of all it was the Intel system that was giving me the problem,
it's now a file server, it's using Trinity desktop on ASCII, the
application is 'ksystemlog', and that laptop has 8 systems installed all
some kind of KDE and somebody mentioned DRM, I don't know about that,
but the behavior was unacceptable, I pulled that laptop and replaced it
with another that is not Intel and my system seems normal now even while
running the plasma5-desktop, so the problem was intel, driver, firmware,
microcode, I don't know, still testing, always testing. Old stable
systems like Ubuntu 14.4 + KDE4, Wheezy + KDE4, Devuan Jessie + KDE4
don't seem to have the problem with the Intel HDMI but none of them use
kernel version 4.XXX, they are version 2 or 3. All those systems and
more are installed on the Intel laptop.

The intel laptop log after bringing eth0 down, in this case it seems to
be using(Binding with) e1000e(The NIC) to get outside, unless I'm
reading this wrong, this is the end of the log:
[ 213.706282] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
[ 213.994776] e1000e: eth0 NIC Link is Down
[ 214.238328] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
[ 215.912089] e1000e: eth0 NIC Link is Up 100 Mbps Full Duplex, Flow
Control: Rx/Tx
[ 215.912095] e1000e 0000:00:19.0 eth0: 10/100 speed: disabling
TSO(Something to do with ethtool in the intel nic driver, the kernel is
now using the NIC driver(ethtool) to get HTTP.)
[ 215.912130] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
GLib-CRITICAL: Source ID 123 was not found when attempting to remove it
-----------------------------------------------------------------------
Worth noting, I've seen the kernel also use avahi-daemon, but the
avahi-daemon is not installed on my ASCII, I've also removed
avahi-autopid, but I've also stopped avahi-daemon in the past and that's
when the kernel did bind with the NIC and ask for a HTTP, and that's
what it seems to be doing now, I expect to see bugs up stream, but the
kernel binding with my NIC. Why? When I bring eth0 down that means I
don't want a internet connection and I expect that choice to honored. Am
I wrong?

cron was making a lot of noise and I don't use it so I stopped cron in
crontab, I don't think I have a reason to run cron? and HDMI is no
longer in use, just using laptop speakers and analog output, but the
strange kernel behavior still seems to persist. Also worth noting, you
used to have to turn things on to get service, now it seems the opposite
is the rule, why so much automation.
--
Jimmy Johnson

Slackware64 Current - KDE 4.14.38 - AMD A8-7600 - EXT4 at sda9
Registered Linux User #380263