Really trying to block amazon web functions.
Using firewalls, hosts.deny and apparently there's no stopping them.
Granted the folks at Ubuntu sold their sole to Amazon with the scope lens do-hicky but there has to be a way other than going off line.
Looking for really solid suggestions other than to go soak my head or something like extreme ordnance.
It seems they've managed to infiltrate Linux to the extent neither Linux Mint, Ubuntu or Fedora will allow the block or if they do they have placed their forums or helps systems on Amazon servers.
It isn't bad enough Amazon has almost wiped up used book stores (except the ones they use as a cover and PR stunt), small book stores, some online libraries and any number of small retailers.
IMO their doing their best to intrude and screw up everything else.
Not Solved: apparently there's some signal embedded in the OS which I haven't found yet which is triggering the response, whatever it is.
31 hits - 76 bytes each on 443
21 hits - 460 bytes each on 443
Equal sign indicated, removed remote packages, blocking 54.0.0.0/54.255.255.255 but still persists.
Since there's no Unity scope on Mint this should not be an issue as Amazon search xml's removed from Firefox and Thunderbird and system gleaned of any Amazon reference. There's something deep and I haven't found it yet.
Since Amazon has a presence in Baltimore now I may be able to draf them into small claims court.
AWS intrusion (Solved)
-
Grumpus
- Posts: 13246
- Joined: October 19th, 2007, 4:23 am
- Location: ... Da' Swamp
AWS intrusion (Solved)
Last edited by Grumpus on April 14th, 2015, 6:47 am, edited 2 times in total.
Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you
-
earther
- Posts: 725
- Joined: July 18th, 2003, 9:25 pm
- Location: not a 'buntard!
- Contact:
Re: In need of some magic (not Solved)
Easy, Dump Ubuntu. 
Isn't it time you got off the tricycle? Sorry, couldn't resist. 
Isn't it time you got off the tricycle? Sorry, couldn't resist. -
Grumpus
- Posts: 13246
- Joined: October 19th, 2007, 4:23 am
- Location: ... Da' Swamp
Re: In need of some magic (not Solved)
It's OK, I'm looking, Mint solved the Unity menu bar annoyances (sort of got used to it)
Fedora broke my heart with their forums being AWS
It would be nice to find the crap before moving elsewhere since it looks like the villains want to take over the world.
I will be knocking their drones out, have pneumatic net gun, completely legal and airspace above my land is mine up to a certain altitude by law.
They do not have my permission for a right of way.
Fedora broke my heart with their forums being AWS
It would be nice to find the crap before moving elsewhere since it looks like the villains want to take over the world.
I will be knocking their drones out, have pneumatic net gun, completely legal and airspace above my land is mine up to a certain altitude by law.
They do not have my permission for a right of way.
Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you
-
earther
- Posts: 725
- Joined: July 18th, 2003, 9:25 pm
- Location: not a 'buntard!
- Contact:
Re: In need of some magic (not Solved)
I hear you, Grumpus.
-
Grumpus
- Posts: 13246
- Joined: October 19th, 2007, 4:23 am
- Location: ... Da' Swamp
Re: In need of some magic (not Solved)
Still looking for a solution but it's looking like something implanted or triggered in Firefox as the AWS ip shows when opening Firefox.
Have yet to find where and almost exhausted where to look any suggestions would be appreciated to finding it.](./images/smilies/eusa_wall.gif "Brick wall")
Have yet to find where and almost exhausted where to look any suggestions would be appreciated to finding it.
Last edited by Grumpus on April 9th, 2015, 11:16 am, edited 1 time in total.
Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you
-
Grumpus
- Posts: 13246
- Joined: October 19th, 2007, 4:23 am
- Location: ... Da' Swamp
Re: In need of some magic (not Solved)
Did a lot of looking for answers and this apparently has pro and con camps which are about as divided as anyone could be.
The issue here is not whether cloud computing is valid, there's a lot of evidence to support the interaction in some fields but on the other hand an individual not using the AWS services should be able to block the URLs or IPs which are participatory, even if this means a large majority of web sites are unavailable.
I thought I had found the issue in the format of the IPs going into the firewalls, looked at the port map, live icons and the wonderfully entertaining newtab setup (which hopefully I figured out how to obliterate.)
Tracked down everything relative to Amazon on the system down to the words in the files, folder etc and a number of variants.
My concerns are bad code coming through the cloud and the anonymity of those providing it, the failure to block packet transfers from the AWS ips which show up in the traffic monitor and the forced acceptance of AWS services when declined continually even into real world eschewing of Amazon purchases.
These should be blocked by the methods used but there appears to be some backdoor access which has been granted by any number of software designers or possibly deeper in the kernels during development.
People state they think this is nuts and Amazon is wonderful but what it seems to me is it's a grab, a great big grab of not only the Internet but also of your privacy, what you buy, where you buy, how you buy, what you research, what you try and develop and worst of all the implementation of control over your very life through devices which are designed to control your life under the auspice of helpmates.
The issue here is not whether cloud computing is valid, there's a lot of evidence to support the interaction in some fields but on the other hand an individual not using the AWS services should be able to block the URLs or IPs which are participatory, even if this means a large majority of web sites are unavailable.
I thought I had found the issue in the format of the IPs going into the firewalls, looked at the port map, live icons and the wonderfully entertaining newtab setup (which hopefully I figured out how to obliterate.)
Tracked down everything relative to Amazon on the system down to the words in the files, folder etc and a number of variants.
My concerns are bad code coming through the cloud and the anonymity of those providing it, the failure to block packet transfers from the AWS ips which show up in the traffic monitor and the forced acceptance of AWS services when declined continually even into real world eschewing of Amazon purchases.
These should be blocked by the methods used but there appears to be some backdoor access which has been granted by any number of software designers or possibly deeper in the kernels during development.
People state they think this is nuts and Amazon is wonderful but what it seems to me is it's a grab, a great big grab of not only the Internet but also of your privacy, what you buy, where you buy, how you buy, what you research, what you try and develop and worst of all the implementation of control over your very life through devices which are designed to control your life under the auspice of helpmates.
Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you
-
Grumpus
- Posts: 13246
- Joined: October 19th, 2007, 4:23 am
- Location: ... Da' Swamp
Re: AWS intrusion (Limited not Solved)
Disabling the 443 (https) before starting Firefox stops the most egregious AWS events initially.
Restoring 443 for https sites is OK but eventually the packets transferst will show up later on as one of the following IP ranges.
Most of the fault for this lies with Amazon's complete failure to secure and forestall others from vamping the system.
52.11.0.0/16
54.69.0.0/16
54.148.0.0/16
54.192.0.0/16
54.230.0.0/16
54.239.0.0/16
54.240.0.0/16
216.137.0.0/16)
204.246.0.0/16
54.224.0.0/12
204.246.160.0/19
54.224.0.0/16
54.192.0.0/12
208.78.68.0/22
156.154.0.0/16
204.13.248.0/22
199.7.68.0/23
199.7.66.0/23
199.7.65.0/24
54.230.0.0/15
Restoring 443 for https sites is OK but eventually the packets transferst will show up later on as one of the following IP ranges.
Most of the fault for this lies with Amazon's complete failure to secure and forestall others from vamping the system.
52.11.0.0/16
54.69.0.0/16
54.148.0.0/16
54.192.0.0/16
54.230.0.0/16
54.239.0.0/16
54.240.0.0/16
216.137.0.0/16)
204.246.0.0/16
54.224.0.0/12
204.246.160.0/19
54.224.0.0/16
54.192.0.0/12
208.78.68.0/22
156.154.0.0/16
204.13.248.0/22
199.7.68.0/23
199.7.66.0/23
199.7.65.0/24
54.230.0.0/15
Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you
-
Grumpus
- Posts: 13246
- Joined: October 19th, 2007, 4:23 am
- Location: ... Da' Swamp
Re: AWS intrusion (Solved)
Unless Amazon shut down these ip ranges the problem lay in the GUFW (GUI) interface for UFW.
Looking at the app_profiles in the configuration files there were a number of game ports listed but also some necessary ones, or at least they appeared that way.
The app_profiles are for pass through of various services and game system ports.
Most of these had been removed earlier in the quest to stop the signals but apparently the others which appeared to be proper were not being helpful.
Removing GUFW stopped the problem, at least for now.
ONLY works until you visit a site which has it deployed. Some of the signal may be caused by live icons in you bookmarks for sites which use AWS The signals do not seem to deploy and are blocked otherwise.
I did catch someone being sneaky by the toe:
organisation: Coordination Center for TLD RU
address: 8, Zoologicheskaya str.
address: Moscow 123242
address: Russian Federation
contact: administrative
name: .RU domain Administrative group
organisation: Coordination Center for TLD RU
address: 8, Zoologicheskaya str.
address: Moscow 123242
address: Russian Federation
phone: +7 499 254 88 94
fax-no: +7 499 254 89 63
e-mail: ru-adm@cctld.ru
contact: technical
name: Technical Center of Internet
organisation: Technical Center of Internet
address: 8, Zoologicheskaya str.
address: Moscow 123242
address: Russian Federation
phone: +7 495 737 92 95
fax-no: +7 495 737 06 84
e-mail: ru-tech@tcinet.ru
. . . coming through Ripe server ns3.fastvps.ru./ 46.36.223.217
Looking at the app_profiles in the configuration files there were a number of game ports listed but also some necessary ones, or at least they appeared that way.
The app_profiles are for pass through of various services and game system ports.
Most of these had been removed earlier in the quest to stop the signals but apparently the others which appeared to be proper were not being helpful.
Removing GUFW stopped the problem, at least for now.
ONLY works until you visit a site which has it deployed. Some of the signal may be caused by live icons in you bookmarks for sites which use AWS The signals do not seem to deploy and are blocked otherwise.
I did catch someone being sneaky by the toe:
organisation: Coordination Center for TLD RU
address: 8, Zoologicheskaya str.
address: Moscow 123242
address: Russian Federation
contact: administrative
name: .RU domain Administrative group
organisation: Coordination Center for TLD RU
address: 8, Zoologicheskaya str.
address: Moscow 123242
address: Russian Federation
phone: +7 499 254 88 94
fax-no: +7 499 254 89 63
e-mail: ru-adm@cctld.ru
contact: technical
name: Technical Center of Internet
organisation: Technical Center of Internet
address: 8, Zoologicheskaya str.
address: Moscow 123242
address: Russian Federation
phone: +7 495 737 92 95
fax-no: +7 495 737 06 84
e-mail: ru-tech@tcinet.ru
. . . coming through Ripe server ns3.fastvps.ru./ 46.36.223.217
Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you