Help.. my firefox is in safety suffering

is it possible for existence of trojan horse or virus in opensuse?
tonight I opened the firefox, typed in the address area “msn.com” but got loaded a strange website, and the domain name is known by’siteadvisor.com’ as a malicious site which tries to change your homepage. The homepage, however, has not yet been changed.

later, I typed “mitbbs.com” but got loaded another strange webpage. This time, the domain name is also known by siteadvisor.com as a malicious site which tries to change the homepage.

there’s no anti-virus software as Kaspersky.
and this is the first time of such cases.
anyone once has seen similar case?

paulga wrote:
> is it possible for existence of trojan horse or virus in opensuse?

NOT likely that any Linux OPERATING SYSTEM has such…

however, i cannot say that it would be impossible for someone to write
an add-on for Firefox that could do all of what you saw…should be
pretty simple to substitute ANY other site to go to when msn.com is
typed…

so, you MIGHT want to review your add-ons, and MAYBE disable the last
few you added, and try msn.com again…

pop open Konqueror or any different browser (Opera maybe) and see if
you go to the same “strange” site

> tonight I opened the firefox, typed in the address area “msn.com” but

wow…i NEVER go to that site, it is WELL KNOWN to be associated with
one of the largest distributors of unsafe/buggy software on the
planet…

> later, I typed “mitbbs.com” but got loaded another strange webpage

mitbbs.com gets me to a page in Chinese…which is exactly what it
should be, see: http://en.wikipedia.org/wiki/MIT_BBS

did you correctly type? is it really mitbbs.com, or should it be
mitbbs.net, or bbs.mit.org, or what?

…
> This time, the domain name is also known by siteadvisor.com as a
> malicious site which tries to change the homepage.

THAT siteadvisor site is in the BUSINESS of selling anti-virus
software to Windows[tm] users…

you don’t need any of their software if you use only Linux…so,
remember their JOB is to keep Windows[tm] users AFRAID of not buying
anti-virus software, so it is in their best interest to LIST as may
possible problem sites as they can…

> anyone once has seen similar case?

no, i’ve never see that happen before, ever…

you can do this to:

• open a terminal
• type ping msn.com and hit enter
• you will see four numbers seperated by dots, like 207.68.172.246
• put all those numbers and dots in the address line of Firefox
• hit enter and see if you get to the expected place

i GUESS you mistyped both ‘msn’ and ‘mitbbs’…

–
solo

so, you MIGHT want to review your add-ons, and MAYBE disable the last
few you added, and try msn.com again…

 Actually, when I tried 'msn.com' immediately after closing that strange page, the case didn't repeat.  

pop open Konqueror or any different browser (Opera maybe) and see if
you go to the same “strange” site

> tonight I opened the firefox, typed in the address area “msn.com” but

wow…i NEVER go to that site, it is WELL KNOWN to be associated with
one of the largest distributors of unsafe/buggy software on the
planet…
which site is well known associated with unsafe softwares?

> later, I typed “mitbbs.com” but got loaded another strange webpage

mitbbs.com gets me to a page in Chinese…which is exactly what it
should be, see: MIT BBS - Wikipedia, the free encyclopedia

did you correctly type? is it really mitbbs.com, or should it be
mitbbs.net, or bbs.mit.org, or what?

  I'm surely referring to that famous Chinese bbs. It's very popular.

…
> This time, the domain name is also known by siteadvisor.com as a
> malicious site which tries to change the homepage.

THAT siteadvisor site is in the BUSINESS of selling anti-virus
software to Windows[tm] users…

you don’t need any of their software if you use only Linux…so,
remember their JOB is to keep Windows[tm] users AFRAID of not buying
anti-virus software, so it is in their best interest to LIST as may
possible problem sites as they can…

> anyone once has seen similar case?

no, i’ve never see that happen before, ever…

you can do this to:

• open a terminal
• type ping msn.com and hit enter
• you will see four numbers seperated by dots, like 207.68.172.246
• put all those numbers and dots in the address line of Firefox
• hit enter and see if you get to the expected place

i GUESS you mistyped both ‘msn’ and ‘mitbbs’…

–
solo[/QUOTE]

Thanks for your advice, I'll try your methods. 

there’re two systems on my laptop for convenience.
Talk about ‘siteadvisor’, I agree with you; indeed this is driven by business, specifically by Macafee.
I personally trust Kaspersky internet suite when in windows though.
I’ll try to find the reason of wrong page loading. Initially I doubted there’s a trojan in my verizon router…but I get to know this is genuinely impossible.

One add-on for Firefox that I strongly recommend is ShowIP by Jan Dittmer.

https://addons.mozilla.org/en-US/firefox/addon/590

The actual IP address for any page visited will appear at the bottom right of the browser window. You can right-click on that to get info about the IP. I’ve memorized the first two octets of the actual IPs of any banking or personal sites that I regularly visit. (Large sites may rotate IPs to share the load, but the first two octets will normally stay the same.)

In this case, I think you either made a typo without realizing it, or it’s a glitch at your ISP. Maybe they’re running a cache and it had some stale errors in it. Less savory, but less likely: a cracker has actually poisoned that cache (or the DNS cache). The fact that it went away is a good sign. I’d still let the ISP know about it if it happens again. If someone is hacking their caches, they’ll be VERY interested in that.

If it does happen again, immediately try a different browser (such as Konqueror), as someone else here suggested. If it also goes to that same bogus site, contact your ISP right away.

Thanks a lot.
it may be a problem located within my machine, since there’re no such problems when booted into windows xp.

> it may be a problem located within my machine,

i highly doubt it…i’d bet money both were a typing error.

> since there’re no such problems when booted into windows xp.

thats right, use the perfect standard, the ever stable and
unhack/crackable XP.

–
solo

well, at least I have hardly time to download and install matlab in linux environment…
and there’s more…