LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-21-2003, 04:25 PM   #1
bigjohn
Senior Member
 
Registered: Jun 2002
Location: UK - South Coast.
Distribution: Ubuntu (usually the latest....)
Posts: 2,672
Blog Entries: 9

Rep: Reputation: 45
Data Mining and how to stop it ?????


OK,

Amongst other things, I have a couple of webmail accounts.

One of them has "gone stupid" over the last couple of days, I've had the accounts for a couple of years and understand that the longer you keep the e-mail address, the more likely you are to get spam.

Anyway, apart from the usual offers of porn, viagra, credit cards, etc, it seems that recently, the vast majority of stuff that's getting to the inbox, is "non-delivery notifications" for what seems to be porn spam, using my e-mail address.

I have checked my windows install and found 23 files that are refered to by "adaware" as "data mining" files.

Obviously, I have deleted them, and checked for trojans etc.

The linux related part of the question is that could these "files" get into my linux installations. How would they get in? I usually have the system set to accept cookies so could they have got into either the linux or windows system via a cookie? If so, how do I check whether I have any in my linux install's? (easily done with windows, just downloaded adaware, which threw them up straight away), but how to check a linux install ?

regards

John
 
Old 10-21-2003, 04:36 PM   #2
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
There are a lot fewer trojans and viruses so I wouldn't worry to much about the linux side. For removig such things from windows I use spybot:
http://www.safer-networking.org/
 
Old 10-21-2003, 06:25 PM   #3
dalek
Senior Member
 
Registered: Jul 2003
Location: Mississippi USA
Distribution: Gentoo
Posts: 2,058
Blog Entries: 2

Rep: Reputation: 65
One good thing about Linux, well there is actually a lot so I'll just mention this one. When you get a spam message goto 'Message' then 'Bounce'. It will send the e-mail back as a bad address and they will usually remove the e-mail address. I did that recently with two that I got and haven't seen another one yet. Thanks Yahoo! So much for keeping it private huh???

That don't always work but worth a try.

Later

 
Old 10-22-2003, 05:43 AM   #4
bigjohn
Senior Member
 
Registered: Jun 2002
Location: UK - South Coast.
Distribution: Ubuntu (usually the latest....)
Posts: 2,672
Blog Entries: 9

Original Poster
Rep: Reputation: 45
Thanks for the suggestions

I've downloaded and installed the spybot thing for windows, but I'm still confused about whether a cookie could/would extract anything? i.e. is it possible that a piece of spyware could be inserted with a cookie and not need root priviledges to install?

I've e-mailed the webmail provider to alert them, and see if there's anything that I can get them to do, but that will be a wait and see thing.

regards

John
 
Old 10-23-2003, 01:25 PM   #5
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
cookies can only contain text so I wouldn't expect them to contain viruses.
 
Old 10-25-2003, 10:28 AM   #6
bigjohn
Senior Member
 
Registered: Jun 2002
Location: UK - South Coast.
Distribution: Ubuntu (usually the latest....)
Posts: 2,672
Blog Entries: 9

Original Poster
Rep: Reputation: 45
But if cookies are supposed to only contain text, can they also contain code and/or a script that will "harvest" e-mail addresses from a browser, as it's only a problem with one of my web based e-mail providers?

regards

John
 
Old 10-25-2003, 01:27 PM   #7
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
They can only grab information that you submit - in windows this can be done automatically by executing arbitary code.
 
Old 10-26-2003, 09:06 PM   #8
65_289
Member
 
Registered: May 2002
Distribution: Ubuntu 5.04, Kanotix
Posts: 163

Rep: Reputation: 30
Quote:
Originally posted by dalek
One good thing about Linux, well there is actually a lot so I'll just mention this one. When you get a spam message goto 'Message' then 'Bounce'. It will send the e-mail back as a bad address and they will usually remove the e-mail address. I did that recently with two that I got and haven't seen another one yet. Thanks Yahoo! So much for keeping it private huh???

That don't always work but worth a try.

Later

Are you doing this in Yahoo Mail? If so, are you using the free account?
 
Old 10-26-2003, 11:48 PM   #9
dalek
Senior Member
 
Registered: Jul 2003
Location: Mississippi USA
Distribution: Gentoo
Posts: 2,058
Blog Entries: 2

Rep: Reputation: 65
Nope. I do that in Kmail. Yahoo is the one that gave out my e-mail address even though I checked the box for them not to. That's why I got the spam. I know this because very very few others have the e-mail address. This happened a couple of days after I signed up for a free account with them. Coincidence, I don't think so.

That's what I meant though. Sorry about the confusion.

How do you close a yahoo account anyway?

Later

 
Old 10-26-2003, 11:52 PM   #10
65_289
Member
 
Registered: May 2002
Distribution: Ubuntu 5.04, Kanotix
Posts: 163

Rep: Reputation: 30
Quote:
Originally posted by dalek
Nope. I do that in Kmail. Yahoo is the one that gave out my e-mail address even though I checked the box for them not to. That's why I got the spam. I know this because very very few others have the e-mail address. This happened a couple of days after I signed up for a free account with them. Coincidence, I don't think so.

That's what I meant though. Sorry about the confusion.

How do you close a yahoo account anyway?

Later

https://edit.yahoo.com/config/delete_user

And that's weird. I never got any spam after I signed up. I let the account sit for a few weeks, just to test it out.
 
Old 10-27-2003, 12:07 AM   #11
dalek
Senior Member
 
Registered: Jul 2003
Location: Mississippi USA
Distribution: Gentoo
Posts: 2,058
Blog Entries: 2

Rep: Reputation: 65
Oh they didn't send the spam to the new Yahoo account they sent it to my private one. The only ones that have it is my ISP, my brother, this forum and a couple other forums and that is it. Me very picky about who gets this one. The forums have had it for several months and I doubt they share it.

That only leaves Yahoo. Maybe it was a fluke but I doubt it.

Later



Still no sound. Mandrake 9.2 don't like my drivers.
 
Old 10-27-2003, 01:50 AM   #12
bigjohn
Senior Member
 
Registered: Jun 2002
Location: UK - South Coast.
Distribution: Ubuntu (usually the latest....)
Posts: 2,672
Blog Entries: 9

Original Poster
Rep: Reputation: 45
Just a quick update,

I changed the password for the account and the amount of "non-receipt" messages is reducing.

I understand what david_ross means about the "cookies" thing, and am presuming that under windows, it would be possible to write a cookie that picks up certain info, whether it was connected with the "data mining" stuff - though I suppose that that is what cookies are about anyway - but I also suspect that I'll just stop using the account, and sign up somewhere else.

Thanks for the assistance.

regards

John

p.s. and if yahoo have a "bounce" facility then I will have to have a look at their webmail.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How do I stop services from restarting after I stop them? M$ISBS Linux - Software 3 10-27-2005 08:13 PM
Home Office Biotech Data Mining - Data Collection Adler Linux - General 20 11-03-2004 04:17 AM
Biotech Data Mining Adler Linux - Software 2 10-31-2004 03:03 AM
Burn Data DVD... Read Data in Linux and Windows SaintStrive Linux - Newbie 3 09-18-2004 05:04 PM
How can I stop rsync from deleting data if network link is dropped? skyfly Linux - Networking 2 06-30-2004 10:35 AM


All times are GMT -5. The time now is 09:12 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration