LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Closed Thread
 
Search this Thread
Old 04-28-2007, 11:30 PM   #1
j447ft
LQ Newbie
 
Registered: Apr 2007
Posts: 8

Rep: Reputation: 0
activity tracking


I am trying to find a way to block random users from tracking my PC and internet surfing activities. By tracking I am referring to the use of a program such as Spector Pro.

Thank you.
 
Old 04-29-2007, 01:22 AM   #2
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
you're gonna need to be a little more specific... what do you mean by "random users"??

are you looking to prevent people (such as your ISP, for example) from reading your traffic?? or are you talking about keyloggers and the like, which are installed on the local machine?? if it's the former, a tor/privoxy cocktail should do the trick.. if it's the latter, well, the natural *NIX account privilages should suffice (as long as you don't let others use your account)...

Last edited by win32sux; 04-29-2007 at 01:27 AM.
 
Old 04-29-2007, 03:05 AM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,140
Blog Entries: 54

Rep: Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791
If we take the product you refer to, from what I have read, it tries to monitor your every move on the 'net. It also alerts the admin if the computer is used in ways not intended. So it probably is a combination of combing traffic for keywords, keylogger, registry watcher and such. As such having traffic routed through a proxy is not enough since it doesn't cover any local components. The only way to bypass that would be to run something that doesn't alter anything on disk, like booting a Live CD plus having traffic between you and your first remote proxy encrypted. While there's a lot you can do with Privoxy and Tor, the overhead the service creates sometimes makes using it slow and it can't be used for proxying all kinds of services over Tor (large volume data, P2P and other Tor exit policies).

The thing is these type of products are Windows-only AFAIK so I doubt this really is a Linux Security question or having to do with security at all. If tracking applies to a home or workplace situation you should think twice: the moment you change settings you are deliberately dodging tracking and I wouldn't be surprised if that got noticed. Supervision is set up for specific reasons, you most likely are *not* authorised to thwart it and we at LQ don't see how we should aid you with more than a few general hints. Be cautious how you proceed.
 
Old 04-29-2007, 04:02 AM   #4
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
hi unSpawn... yeah, i assumed j447ft was/is root... if someone else is root, that changes everything, and the relevant clause of the LQ Rules would be invoked... basically, i was thinking along the lines of "How do I make sure no guest users on *my* system install spyware on *my* box?" (pretty black and white) and "How do I increase my level of privacy, with regards to possible ISP snooping?" (sort of a grey area)... @j447ft: at this point, you should definitely clarify your question, and the intentions you have...

Last edited by win32sux; 04-29-2007 at 04:10 AM.
 
Old 04-29-2007, 07:00 AM   #5
j447ft
LQ Newbie
 
Registered: Apr 2007
Posts: 8

Original Poster
Rep: Reputation: 0
Thanks to everyone for their replies. The type of tracking that I am referring to is not the one that is done at the server. But, I am trying to block some random users from watching my Computer and Internet activities by using spyware, keyloggers, and different registry software.
 
Old 04-29-2007, 09:08 AM   #6
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
we still don't know what you mean by "random users"...
Quote:
Originally Posted by j447ft
Thanks to everyone for their replies. The type of tracking that I am referring to is not the one that is done at the server. But, I am trying to block some random users from watching my Computer and Internet activities by using spyware, keyloggers, and different registry software.
that's fine and all, but before anyone helps you, we really need to know whether you are:

a) looking to bypass this monitoring software which is already installed on the computer you are using, or

b) asking how to prevent this type of software from being installed on your own computer, or

c) something else (explain)...

you need to be clear, because this thread is very borderline right now, and unless you clarify it might be closed, in accordance with our anti-cracking rule...

BTW, registry is an interesting choice of word... the machine you are talking about isn't running Windows by any chance is it?? what OS is it running??

Last edited by win32sux; 04-29-2007 at 09:27 AM.
 
Old 04-29-2007, 09:59 AM   #7
j447ft
LQ Newbie
 
Registered: Apr 2007
Posts: 8

Original Poster
Rep: Reputation: 0
[QUOTE=win32sux]we still don't know what you mean by "random users"...
that's fine and all, but before anyone helps you, we really need to know whether you are:

a) looking to bypass this monitoring software which is already installed on the computer you are using, or

b) asking how to prevent this type of software from being installed on your own computer, or


Both a and b.

1) I want to be able to identify this software and delete it.

2) I want to prevent this software from being installed on my system in the future.
 
Old 04-29-2007, 11:43 AM   #8
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by j447ft
I want to be able to identify this software and delete it.
one way to know when this, or other type of malware, is installed on your box is with a host-based intrusion detection system (such as AIDE, for example)... these will alert you whenever one of your system files is changed, etc...

keep in mind that installing these after your install has been exposed to a network and/or after you've already become suspicious that it's been cracked would greatly harm its level of trustworthyness, possibly even rendering it useless - it's important that you install these checkers right after an unexposed fresh install from trusted media...

another thing to consider is the permissions on whatever was changed, because if it's something that required root permissions, then your box has likely been completely compromised and you should not trust it until basic forensics have been completed (it's important to find-out how the security breach occured) and the problem has been fixed (which might or might not have required a full re-install)... see this link: http://www.cert.org/tech_tips/win-UN...ompromise.html

even if the attacker didn't get root, it would be terrible if they got your personal account, because that would still mean they had access to all your personal files (which the attacker could have trojanized, etc.)... you can't re-install your documents, so make sure you have a good backup system to separate media...

Quote:
I want to prevent this software from being installed on my system in the future.
once again, what operating system are you on??

and what are these "random users" you speak of??

Last edited by win32sux; 04-29-2007 at 11:46 AM.
 
Old 04-29-2007, 12:17 PM   #9
j447ft
LQ Newbie
 
Registered: Apr 2007
Posts: 8

Original Poster
Rep: Reputation: 0
Thank you very much for your response.

once again, what operating system are you on??

Currently, I have Linux and Windows installed on my machine. I can't access my Linux partition so I am working in Windows. My long term plan is to switch to Linux.

and what are these "random users" you speak of??
[/QUOTE]

These are not the big guys ;-). These are ordinary people monitoring what I do on my Computer and on the Internet.
 
Old 04-30-2007, 04:37 AM   #10
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,140
Blog Entries: 54

Rep: Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791Reputation: 2791
Clearly this question is not about Linux Security. What's more important, since your have not cleared up your situation in detail in a (for us) satisfactory way, it is clear to me you are not authorised to change your machines configuration to circumvent monitoring. LQ helping you with that would be against the LQ Rules.

Thread closed.
 
  


Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Tracking your sport activity with open source software LXer Syndicated Linux News 0 03-07-2007 08:16 PM
Tracking IP # Kenneth Ray Linux - General 1 01-25-2006 05:16 PM
tracking ik_nitk Programming 1 01-17-2006 01:22 PM
Tracking network activity d3viant Suse/Novell 4 11-17-2005 09:16 AM
tracking what i said... lefty.crupps LQ Suggestions & Feedback 4 05-01-2005 01:45 AM


All times are GMT -5. The time now is 03:57 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration