Mandriva keylogger protection

  • psuedofy
  • Expert
  • Expert
  • Posts: 749
  • Loc: long island, NY

Post 3+ Months Ago

A few malicious friends of mine are trying to install key loggers onto my computer. It's an incredible invasion of privacy and it is very disturbing to the psyche when the attack is right in front of your face. Luckily I didn't click anything but my other friend did.
I need to know of any anti key logger software for Linux Mandriva. Please. Thanks.
  • spork
  • Brewmaster
  • Silver Member
  • Posts: 6252
  • Loc: Seattle, WA

Post 3+ Months Ago

Time to get some new friends.
  • kc0tma
  • o|||||||o
  • Web Master
  • Posts: 3318
  • Loc: Trout Creek, MT

Post 3+ Months Ago

spork wrote:
Time to get some new friends.


Ditto.

How are they able to install something without privileges? They ought not know the root password for that machine, and if they have an account on it I would make sure they aren't sudoers. And if you can figure out which port they are going out on (either to send a log file or a live stream of data) then shut that puppy off at the firewall.
  • psuedofy
  • Expert
  • Expert
  • Posts: 749
  • Loc: long island, NY

Post 3+ Months Ago

I don't know the exact procedure, but basically they create an FTP site/connection or something on a virtual drive that stores up to 2 gigs of data for free on some random site.

But are you telling me if they don't have my root password I have nothing to worry about? When I type my root password in, wouldn't it store on the site?
And if I set my firewall on high setting, would that block them?

This is so fascinating, using the internet powers for good! So exhilarating in a binary fashion. lol so cool.

Can you direct me to a site that can teach me how to send a log file or live stream of data? :)

Thanks
  • kc0tma
  • o|||||||o
  • Web Master
  • Posts: 3318
  • Loc: Trout Creek, MT

Post 3+ Months Ago

To install software, they need some sort of administrative access, unless they know a little trick or something to get around that. You should still be suspicious even if they don't have root access because maybe they just have a little script that runs but doesn't actually go through the normal install procedure (like a shell script or a Perl script that doesn't do ./configure, make, make install, blah blah). But setting your firewall to high or tinkering with the SELinux settings should stop stuff like that from getting out or at least alert you when it does. If I was going to do something like that, I would just put everything into a text log file, then make a script to upload it somewhere or use wget from my end to download it. Streaming live data probably wouldn't be the smartest because if the victim just happened to do a netstat or open Wireshark or something they would see something funny going on.

One thing you could do is periodically run a netstat -a and look through the output. If anything looks odd you have somewhere to start from. Or install the Wireshark packet sniffer and watch that to see if there is weird traffic going in and out of your system.
  • psuedofy
  • Expert
  • Expert
  • Posts: 749
  • Loc: long island, NY

Post 3+ Months Ago

Thank you very much for your knowledge and time, kc0tma.

I ran netstat -a but the problem was I didn't know what to look for; everything looked exactly the same.

I installed Wireshark, I have to learn how to use it now.

Thanks
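
One way to narrow the netstat output that kc0tma suggests checking down to the lines worth a second look (an added example, not part of the original thread). The names `triage_netstat`, `sample_netstat` and `EXPECTED_PORTS`, the default port list and the sample output are assumptions constructed for illustration; the filter expects the column layout of `netstat -tunap`.

```shell
#!/bin/sh
# Added example. Reads `netstat -tunap` output on stdin and prints only:
#   OUTBOUND <remote> <pid/prog>  connections to a remote port you do not expect
#   LISTEN   <local>  <pid/prog>  sockets reachable from outside the machine
# EXPECTED_PORTS is a hypothetical allowlist: DNS, HTTP, NTP, HTTPS by default.
triage_netstat() {
    awk -v ok="${EXPECTED_PORTS:-53 80 123 443}" '
    BEGIN { n = split(ok, p, " "); for (i = 1; i <= n; i++) expected[p[i]] = 1 }
    $1 !~ /^(tcp|udp)/ { next }               # skip banner and column header
    {
        # UDP rows usually have no State column, so the owner shifts left.
        state = ($6 ~ /^[A-Z][A-Z_0-9]*$/) ? $6 : "-"
        prog  = (state != "-") ? $7 : $6
        if (prog == "") prog = "?"
        nl = split($4, l, ":"); nr = split($5, r, ":")
        lport = l[nl]; rport = r[nr]          # port is the text after the last colon
        laddr = substr($4, 1, length($4) - length(lport) - 1)
        if ((state == "ESTABLISHED" || state == "SYN_SENT") && !(rport in expected))
            print "OUTBOUND " $5 " " prog
        else if (state == "LISTEN" && laddr != "127.0.0.1" && laddr != "::1")
            print "LISTEN " $4 " " prog
    }'
}

# Constructed sample output (documentation-range addresses, made-up PIDs).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      700/cupsd
tcp        0      0 192.168.1.20:45012      203.0.113.7:443         ESTABLISHED 2101/firefox
tcp        0      0 192.168.1.20:51514      198.51.100.9:21         ESTABLISHED 3344/perl
tcp6       0      0 :::8000                 :::*                    LISTEN      3390/python
udp        0      0 0.0.0.0:68              0.0.0.0:*                           640/dhclient
EOF
}

# Demo on the sample; on a live system: netstat -tunap | triage_netstat
sample_netstat | triage_netstat
```

Run it as root on a live system so the PID/Program column is filled in for every socket. A flagged line is only a starting point: check whether you recognise the program and why it would be talking on that port.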

Post Information

  • Total Posts in this topic: 6 posts
© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.