Lame but mildly successful hacking attempt on my ubuntu 10.4

Ive seen this attack occur on a windows xp machine running realvnc a number of years ago but this time it hit my ubuntu 10.4 machine.


I am currently working away from an internet connection so i am using my phone tethered with my computer to get online (see my last post). This configuration gives my laptop my public IP address ( ie no network address translation).

I was sitting at my machine just about to start programming and all of a sudden my mouse starts moving.

I looked at the gnome to panel just as it flashed the “your computer is being remotely controlled” message from the VNC server vino built into ubuntu.

The remote connection then typed the following message as if it was trying to run that command.

You can see the command now in line 8 of my program. Windows users will recognize this as an attempt to open the windows command line.

The remote connection terminated a second later and the attack was over.

I then opened my remote desktop preferences to check whether or not I had turned it on

It doesn’t appear that anyone should have had access as the service was not really activated.

If you look closely you will see however that even though the options are greyed out the box for “allow others users to control…” was ticked and all the security boxes were unticked. I cannot remember what settings i had before the attack and its possible that as part of the attack the settings were changed but as all it tried to do was run a windows command (as far a i could see) i can only assume that the attack was probably not written to attack gnome.

All in all made for a good laugh seeing a windows attack play out on a linux machine. I just hope nothing else happened that i didnt see.


Edit: I had a bit of a flip through my system logs and it looks all clean.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.