Hacked by hydra. At wits end.

scatman98
Posts: 31
Joined: Fri Mar 30, 2018 12:56 am

Re: Hacked by hydra. At wits end.

#31 Post by scatman98 »

siamhie wrote: Mon Jan 13, 2025 10:46 am
scatman98 wrote: Mon Jan 13, 2025 10:25 am
Eadwine Rose wrote: Mon Jan 13, 2025 10:12 am I was thinking more of the software ON the system.

Did you use the recommended method MXPI, or did you use deb downloads, stuff like that?
i downloaded using mxpi

when i run sudo for one program only in terminal, say, nordvpn client, it auto updates all repos and i get the same behaviour.

Why are you running the nord client as sudo? Run it as a user. These are the commands I use.
The first one is to just connect quickly. The second is when I'm torrenting.
The third is when I want to use a double vpn connection. The last is to disconnect.

nordvpn connect
nordvpn connect P2P
nordvpn connect double_vpn
nordvpn disconnect
to install the client i was using the command on the website which brought up all the updates

sh <(curl -sSf https://downloads.nordcdn.com/apps/linux/install.sh)

scatman98
Posts: 31
Joined: Fri Mar 30, 2018 12:56 am

Re: Hacked by hydra. At wits end.

#32 Post by scatman98 »

Eadwine Rose wrote: Mon Jan 13, 2025 11:16 am I'd say: if you are scared of having been hacked, or basically, if you did something which you have no idea of what you did, and your system is not behaving, start over, and install from MXPI only.

In the time it takes to go on a chase, because I still really don't understand what you want or what is going on, you could be up and running properly again.
MXPI is the mx-packageinstaller right? i was using that.

i'm using deb files for now and skipping mxpi since it initiates all the repo updates which causes the same sort of behaviour to reappear.

i think if i could get dns over tls working without connecting to the internet first on a clean install that might help. i need to download systemd-resolved before i can get secure dns working. if this came pre-installed in the iso that would help with a secure connection to the internet and rule out DNS cache poisoning as one possibility of issues with MXPI.

j2mcgreg
Global Moderator
Posts: 7017
Joined: Tue Oct 23, 2007 12:04 pm

Re: Hacked by hydra. At wits end.

#33 Post by j2mcgreg »

I'm going to suggest that maybe your main repository is malfunctioning and that you should use Repo Manager in MX Tools to switch to one of these four which are owned and operated by the MX team:

Alblasserdam, The Netherlands

Los Angeles, California, U.S.A.

Salt Lake City, Utah, U.S.A.

Milan, Italy
HP 15; ryzen 3 5300U APU; 500 Gb SSD; 8GB ram
HP 17; ryzen 3 3200; 500 GB SSD; 12 GB ram
Idea Center 3; 12 gen i5; 256 GB ssd;

In Linux, newer isn't always better. The best solution is the one that works.

scatman98
Posts: 31
Joined: Fri Mar 30, 2018 12:56 am

Re: Hacked by hydra. At wits end.

#34 Post by scatman98 »

j2mcgreg wrote: Mon Jan 13, 2025 1:08 pm I'm going to suggest that maybe your main repository is malfunctioning and that you should use Repo Manager in MX Tools to switch to one of these four which are owned and operated by the MX team:

Alblasserdam, The Netherlands

Los Angeles, California, U.S.A.

Salt Lake City, Utah, U.S.A.

Milan, Italy
i'm on mxrepo.com. i need a secure connection to the repo. it's a clean install so the malfunction is only possible from some redirection of traffic between the router and isp via a mitm attack on dns cache.

uncle mark
Posts: 861
Joined: Sat Nov 11, 2006 9:42 pm

Re: Hacked by hydra. At wits end.

#35 Post by uncle mark »

scatman98 wrote: Mon Jan 13, 2025 1:26 pm
i'm on mxrepo.com. i need a secure connection to the repo. it's a clean install so the malfunction is only possible from some redirection of traffic between the router and isp via a mitm attack on dns cache.
Stop with the "hacked" and "redirection" and "mitm" nonsense. Post your QSI and let the community see what your system is doing. You've buggered it up somehow and either need to straighten it out (probably a repo issue) or start all over.

MX is rock solid and secure out of the box. Get your system installed and fleshed out, and then ask for advice on hardening it if you think it's required. Me, I've never found it necessary. I'm not that important.
Custom build Asus/AMD/nVidia circa 2011 -- MX 19.2 KDE
Acer Aspire 5250 -- MX 21 KDE
Toshiba Satellite C55 -- MX 18.3 Xfce
Assorted Junk -- assorted Linuxes

siamhie
Global Moderator
Posts: 3488
Joined: Fri Aug 20, 2021 5:45 pm

Re: Hacked by hydra. At wits end.

#36 Post by siamhie »

scatman98 wrote: Mon Jan 13, 2025 12:47 pm
to install the client i was using the command on the website which brought up all the updates

sh <(curl -sSf https://downloads.nordcdn.com/apps/linux/install.sh)

The nordvpn app is in MXPI under the Network section of Popular Applications.
No need to download from the site, it will set everything up for you.
This is my Fluxbox . There are many others like it, but this one is mine. My Fluxbox is my best friend. It is my life.
I must master it as I must master my life. Without me, my Fluxbox is useless. Without my Fluxbox, I am useless.
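
One way to see what an installer script like the one quoted above would do to APT before running it is to save it to a file and list the lines that touch package sources, signing keys or package indexes. This is an added example, not part of the thread; `audit_installer` and `write_sample_installer` are hypothetical helper names, and the sample installer text is constructed, not the vendor's script.

```shell
#!/bin/sh
# Added example: review a saved installer script for APT changes before running it.
# Assumption: the script was saved to a file first (curl -sSf -o install.sh <URL>)
# instead of being fed straight to sh.

# audit_installer FILE  (hypothetical helper)
# Prints "line:category:text" for each non-comment line that touches APT and
# returns 0 if any such line exists, 1 if none does.
audit_installer() {
    awk '
    /^[ \t]*#/ { next }    # ignore comment lines
    {
        if      ($0 ~ /sources\.list/)                          kind = "repo-source"
        else if ($0 ~ /apt-key|trusted\.gpg|keyrings/)          kind = "signing-key"
        else if ($0 ~ /apt(-get)?[ \t].*update/)                kind = "index-refresh"
        else if ($0 ~ /apt(-get)?[ \t].*install|dpkg[ \t]+-i/)  kind = "package-install"
        else next
        printf "%d:%s:%s\n", NR, kind, $0
        found = 1
    }
    END { exit(found ? 0 : 1) }
    ' "$1"
}

# Constructed sample installer (not a real vendor script) used for the demo.
write_sample_installer() {
    cat > "$1" <<'EOF'
#!/bin/sh
# constructed sample
REPO_URL="https://repo.example.invalid/deb"
curl -sSf "$REPO_URL/key.asc" > /usr/share/keyrings/example.asc
echo "deb [signed-by=/usr/share/keyrings/example.asc] $REPO_URL stable main" > /etc/apt/sources.list.d/example.list
apt-get update
apt-get install -y example-client
EOF
}

sample=$(mktemp)
write_sample_installer "$sample"
audit_installer "$sample"    # lists lines 4-7 with their categories
rm -f "$sample"
```

An `index-refresh` hit means the script refreshes every configured repository, which matches the "brought up all the updates" behaviour described in the post.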

siamhie
Global Moderator
Posts: 3488
Joined: Fri Aug 20, 2021 5:45 pm

Re: Hacked by hydra. At wits end.

#37 Post by siamhie »

j2mcgreg wrote: Mon Jan 13, 2025 1:08 pm I'm going to suggest that maybe your main repository is malfunctioning and that you should use Repo Manager in MX Tools to switch to one of these four which are owned and operated by the MX team:

Alblasserdam, The Netherlands

Los Angeles, California, U.S.A.

Salt Lake City, Utah, U.S.A.

Milan, Italy

Looking at that mirror they are using (https://mirror.kku.ac.th/mx-packages/mx/repo/pool/main/), there are several directories dating back to 2022.
This is my Fluxbox . There are many others like it, but this one is mine. My Fluxbox is my best friend. It is my life.
I must master it as I must master my life. Without me, my Fluxbox is useless. Without my Fluxbox, I am useless.

m_pav
Developer
Posts: 1822
Joined: Sun Aug 06, 2006 3:02 pm

Re: Hacked by hydra. At wits end.

#38 Post by m_pav »

@uncle mark OP posted his QSI on the first page, #6
@scatman98 So having read through all of this I get the impression Linux on the desktop is a relatively new thing for you, and your understanding of Linux and in particular, the Debian ecosystem along with its package management needs a bit of tweaking.

I suggest you begin by using as your first port of call our pre-built tools and utilities, then take the time to learn about the CLI stuff by finding a page that gives you a beginners guide. There's plenty around to help you to get to grips with the first level or two of terminal usage.

You say you are having some issues with your system, I see you have your Samsung phone connected via USB in bluetooth tethering mode, so it looks like you're connecting to the internet through your phone. Having tried it in the past, I found this method to be less reliable because it requires the phone first be in good shape, really good shape, and many Android phones are not. Secondly, Linux sometimes loads a less than perfect driver for BT Devices, which, if you were affected by it, would cause the connection to be dodgy leading to a sense of weirdness at times.

Concerning the software (packages) on your machine, it's drop dead easy to get a list of all non-factory packages by simply clicking the Whisker menu button (some call it the start button - yuk!) and type UIP, and that's a capital "i", not a lowercase "l". This will bring up the User Installed Packages app. Click the top button in the app and it will query your machine's package status and compare it with the "factory image", then print (to the screen) only the package names that do not exist in the factory image, thereby giving you a list of packages installed over and above the factory image.

Concerning the weirdness on your machine, are you using the built-in trackpad by any chance? I've used Lenovos for many years and I find that some models' trackpads are overly sensitive and a finger or part of your hand being too close to it can result in unwanted taps leading to weirdness that makes the machine appear to be "possessed". Have you observed anything that resembles this action by any chance?
Mike P

Regd Linux User #472293
(Daily) Lenovo T560, i7-6600U, 16GB, 2.0TB SSD, MX_ahs
(ManCave) AMD Ryzen 5 5600G, 32G, 8TB mixed, MX_ahs
(Spare)2017 Macbook Air 7,2, 8GB, 256GB SSD, MX_ahs

j2mcgreg
Global Moderator
Posts: 7017
Joined: Tue Oct 23, 2007 12:04 pm

Re: Hacked by hydra. At wits end.

#39 Post by j2mcgreg »

siamhie wrote: Mon Jan 13, 2025 5:56 pm
j2mcgreg wrote: Mon Jan 13, 2025 1:08 pm I'm going to suggest that maybe your main repository is malfunctioning and that you should use Repo Manager in MX Tools to switch to one of these four which are owned and operated by the MX team:

Alblasserdam, The Netherlands

Los Angeles, California, U.S.A.

Salt Lake City, Utah, U.S.A.

Milan, Italy

Looking at that mirror they are using (https://mirror.kku.ac.th/mx-packages/mx/repo/pool/main/), there are several directories dating back to 2022.
I was thinking more along the lines of the infrastructure hosting the mirror rather than the mirror's actual contents.
HP 15; ryzen 3 5300U APU; 500 Gb SSD; 8GB ram
HP 17; ryzen 3 3200; 500 GB SSD; 12 GB ram
Idea Center 3; 12 gen i5; 256 GB ssd;

In Linux, newer isn't always better. The best solution is the one that works.

scatman98
Posts: 31
Joined: Fri Mar 30, 2018 12:56 am

Re: Hacked by hydra. At wits end.

#40 Post by scatman98 »

m_pav wrote: Mon Jan 13, 2025 6:23 pm @uncle mark OP posted his QSI on the first page, #6
@scatman98 So having read through all of this I get the impression Linux on the desktop is a relatively new thing for you, and your understanding of Linux and in particular, the Debian ecosystem along with its package management needs a bit of tweaking.

I suggest you begin by using as your first port of call our pre-built tools and utilities, then take the time to learn about the CLI stuff by finding a page that gives you a beginners guide. There's plenty around to help you to get to grips with the first level or two of terminal usage.

You say you are having some issues with your system, I see you have your Samsung phone connected via USB in bluetooth tethering mode, so it looks like you're connecting to the internet through your phone. Having tried it in the past, I found this method to be less reliable because it requires the phone first be in good shape, really good shape, and many Android phones are not. Secondly, Linux sometimes loads a less than perfect driver for BT Devices, which, if you were affected by it, would cause the connection to be dodgy leading to a sense of weirdness at times.

Concerning the software (packages) on your machine, it's drop dead easy to get a list of all non-factory packages by simply clicking the Whisker menu button (some call it the start button - yuk!) and type UIP, and that's a capital "i", not a lowercase "l". This will bring up the User Installed Packages app. Click the top button in the app and it will query your machine's package status and compare it with the "factory image", then print (to the screen) only the package names that do not exist in the factory image, thereby giving you a list of packages installed over and above the factory image.

Concerning the weirdness on your machine, are you using the built-in trackpad by any chance? I've used Lenovos for many years and I find that some models' trackpads are overly sensitive and a finger or part of your hand being too close to it can result in unwanted taps leading to weirdness that makes the machine appear to be "possessed". Have you observed anything that resembles this action by any chance?
I'm using the phone now as a tethering device since i got repeatedly locked out (changed passwords) of my router Asus rt-ax3000 and resetting it was a hassle. The phone is in good shape, except for the cache poisoning of apps via mitm attacks when running updates but that is cleared with the app cache clearing.
