Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Amongst other things, I have a couple of webmail accounts.
One of them has "gone stupid" over the last couple of days, I've had the accounts for a couple of years and understand that the longer you keep the e-mail address, the more likely you are to get spam.
Anyway, apart from the usual offers of porn, viagra, credit cards, etc, it seems that recently, the vast majority of stuff that's getting to the inbox, is "non-delivery notifications" for what seems to be porn spam, using my e-mail address.
I have checked my windows install and found 23 files that are refered to by "adaware" as "data mining" files.
Obviously, I have deleted them, and checked for trojans etc.
The linux related part of the question is that could these "files" get into my linux installations. How would they get in? I usually have the system set to accept cookies so could they have got into either the linux or windows system via a cookie? If so, how do I check whether I have any in my linux install's? (easily done with windows, just downloaded adaware, which threw them up straight away), but how to check a linux install ?
There are a lot fewer trojans and viruses so I wouldn't worry to much about the linux side. For removig such things from windows I use spybot: http://www.safer-networking.org/
One good thing about Linux, well there is actually a lot so I'll just mention this one. When you get a spam message goto 'Message' then 'Bounce'. It will send the e-mail back as a bad address and they will usually remove the e-mail address. I did that recently with two that I got and haven't seen another one yet. Thanks Yahoo! So much for keeping it private huh???
I've downloaded and installed the spybot thing for windows, but I'm still confused about whether a cookie could/would extract anything? i.e. is it possible that a piece of spyware could be inserted with a cookie and not need root priviledges to install?
I've e-mailed the webmail provider to alert them, and see if there's anything that I can get them to do, but that will be a wait and see thing.
But if cookies are supposed to only contain text, can they also contain code and/or a script that will "harvest" e-mail addresses from a browser, as it's only a problem with one of my web based e-mail providers?
Originally posted by dalek One good thing about Linux, well there is actually a lot so I'll just mention this one. When you get a spam message goto 'Message' then 'Bounce'. It will send the e-mail back as a bad address and they will usually remove the e-mail address. I did that recently with two that I got and haven't seen another one yet. Thanks Yahoo! So much for keeping it private huh???
That don't always work but worth a try.
Later
Are you doing this in Yahoo Mail? If so, are you using the free account?
Nope. I do that in Kmail. Yahoo is the one that gave out my e-mail address even though I checked the box for them not to. That's why I got the spam. I know this because very very few others have the e-mail address. This happened a couple of days after I signed up for a free account with them. Coincidence, I don't think so.
That's what I meant though. Sorry about the confusion.
Originally posted by dalek Nope. I do that in Kmail. Yahoo is the one that gave out my e-mail address even though I checked the box for them not to. That's why I got the spam. I know this because very very few others have the e-mail address. This happened a couple of days after I signed up for a free account with them. Coincidence, I don't think so.
That's what I meant though. Sorry about the confusion.
Oh they didn't send the spam to the new Yahoo account they sent it to my private one. The only ones that have it is my ISP, my brother, this forum and a couple other forums and that is it. Me very picky about who gets this one. The forums have had it for several months and I doubt they share it.
That only leaves Yahoo. Maybe it was a fluke but I doubt it.
Later
Still no sound. Mandrake 9.2 don't like my drivers.
I changed the password for the account and the amount of "non-receipt" messages is reducing.
I understand what david_ross means about the "cookies" thing, and am presuming that under windows, it would be possible to write a cookie that picks up certain info, whether it was connected with the "data mining" stuff - though I suppose that that is what cookies are about anyway - but I also suspect that I'll just stop using the account, and sign up somewhere else.
Thanks for the assistance.
regards
John
p.s. and if yahoo have a "bounce" facility then I will have to have a look at their webmail.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.