Help, I've been hacked somehow.

Gilles Gravier ggravier at fsfe.org
Tue Mar 16 08:20:01 UTC 2010 

Facebook uses many IP addresses. This week I'm in Spain and I get it on
66.220.x.x ...

>From my machine, your 74.X address doesn't go to facebook. The 69.x does.

Try moving your .mozilla directory to something different and starting
with a FRESH browser configuration. Does that work?

Gilles.

On 16/03/2010 09:13, Ray Parrish wrote:
> Gilles Gravier wrote:
>   
>> Hi!
>>
>> Try by looking at your browser. Clear up your cache. Clear up your
>> cookies for facebook domain. Then try again.
>>
>> Gilles.
>>
>> On 16/03/2010 08:28, Ray Parrish wrote:
>>   
>>     
>>> Hello,
>>>
>>> I ws on Face Book, and had decided to unfan Karmaceutical Records, since 
>>> all they dispense is porno music videos, and immediately after surfing 
>>> to their fan page, and clicking the remove me as a fan link, I tried to 
>>> surf back to FaceBook, and I could no longer load my home page.
>>>
>>> I tried the is it everyone, or just me page, and they say it's just me. 
>>> I can not even load the top level page on Face Book. How in the hell did 
>>> they do that?
>>>
>>> Here is my iptables, and hosts file, both of which show nothing 
>>> untoward. Can some network guru please tell me how else I mght be being 
>>> blocked?
>>>
>>> ray at RaysComputer:~$ sudo iptables -L
>>> Chain INPUT (policy ACCEPT)
>>> target     prot opt source               destination        
>>> DROP       tcp  --  anywhere             anywhere            tcp 
>>> flags:FIN,SYN,RST,ACK/SYN
>>>
>>> Chain FORWARD (policy ACCEPT)
>>> target     prot opt source               destination        
>>>
>>> Chain OUTPUT (policy ACCEPT)
>>> target     prot opt source               destination        
>>> ray at RaysComputer:~$ cat etc/hosts
>>> cat: etc/hosts: No such file or directory
>>> ray at RaysComputer:~$ cat /etc/hosts
>>> 127.0.0.1 localhost
>>> 127.0.1.1 RaysComputer
>>>
>>> # The following lines are desirable for IPv6 capable hosts
>>> ::1 ip6-localhost ip6-loopback
>>> fe00::0 ip6-localnet
>>> ff00::0 ip6-mcastprefix
>>> ff02::1 ip6-allnodes
>>> ff02::2 ip6-allrouters
>>> ff02::3 ip6-allhosts
>>> ray at RaysComputer:~$
>>>
>>> Thanks for any help you can be.
>>>
>>> Later, Ray Parrish
>>>     
>>>       
> That did not work. Here is more information that I am getting. Can you 
> confirm that the ip address I telneted to is the Face Book address? If 
> it is, I am able to connect to them via Telnet, but not my browser.
> ray at RaysComputer:~$ traceroute www.facebook.com
> traceroute to www.facebook.com (69.63.189.39), 30 hops max, 40 byte packets
>  1  * * *
>  2  eugn (67.42.192.201)  41.047 ms  42.289 ms  44.295 ms
>  3  eugn (67.42.193.65)  46.373 ms  48.490 ms  50.408 ms
>  4  eug-core-01.inet.qwest.net (205.171.150.57)  52.977 ms  54.830 ms  
> 56.787 ms
>  5  sea-brdr-02.inet.qwest.net (205.171.26.146)  64.571 ms  66.337 ms  
> 68.302 ms
>  6  te8-3-10G.ar5.SEA1.gblx.net (64.208.110.141)  70.348 ms  46.861 ms  
> 46.739 ms
>  7  FACEBOOK-INC.TenGigabitEthernet6-2.ar1.PAO2.gblx.net (67.17.162.38)  
> 60.761 ms  60.192 ms  59.815 ms
>  8  ae0.bb01.pao1.tfbnw.net (74.119.76.132)  83.289 ms  60.392 ms  61.103 ms
>  9  xe-7-2-0.bb01.iad1.tfbnw.net (74.119.76.173)  130.024 ms  127.667 
> ms  128.398 ms
> 10  ae0.dr01.ash2.tfbnw.net (74.119.76.65)  127.430 ms  127.229 ms  
> 191.376 ms
> 11  eth-18-1.csw01.ash2.tfbnw.net (74.119.76.125)  128.114 ms 
> eth-17-2.csw01a.ash2.tfbnw.net (74.119.76.127)  127.285 ms 
> eth17-1.csw01b.ash2.tfbnw.net (74.119.76.117)  127.934 ms
> 12  * * *
> 13  * * *
> 14  * * *
> 15  * * *
> 16  * * *
> 17  * * *
> 18  * * *
> 19  * * *
> 20  * * *
> 21  * * *
> 22  * * *
> 23  * * *
> 24  * * *
> 25  * * *
> 26  * * *
> 27  * * *
> 28  * * *
> 29  * * *
> 30  * * *
> ray at RaysComputer:~$ whois 74.119.76.117
>
> OrgName:    Facebook, Inc.
> OrgID:      THEFA-3
> Address:    156 University Ave, 3rd floor
> City:       Palo Alto
> StateProv:  CA
> PostalCode: 94301
> Country:    US
>
> NetRange:   74.119.76.0 - 74.119.79.255
> CIDR:       74.119.76.0/22
> OriginAS:   AS32934
> NetName:    TFBNET4
> NetHandle:  NET-74-119-76-0-1
> Parent:     NET-74-0-0-0-0
> NetType:    Direct Assignment
> NameServer: DNS04.SF2P.TFBNW.NET
> NameServer: DNS05.SF2P.TFBNW.NET
> Comment:   
> RegDate:    2009-10-28
> Updated:    2009-11-10
>
> OrgTechHandle: OPERA82-ARIN
> OrgTechName:   Operations
> OrgTechPhone:  +1-650-543-4800
> OrgTechEmail:  ops at facebook.com
>
> # ARIN WHOIS database, last updated 2010-03-15 20:00
> # Enter ? for additional hints on searching ARIN's WHOIS database.
> #
> # ARIN WHOIS data and services are subject to the Terms of Use
> # available at https://www.arin.net/whois_tou.html
> ray at RaysComputer:~$ telnet 74.119.76.117 80
> Trying 74.119.76.117...
>
> ray at RaysComputer:~$ telnet 69.63.181.12 80
> Trying 69.63.181.12...
> Connected to 69.63.181.12.
>
>
>
> Thanks for your quick reply.
>
> Later, Ray Parrish
>
>
>

More information about the ubuntu-users mailing list