Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
04-28-2007, 11:30 PM
|
#1
|
LQ Newbie
Registered: Apr 2007
Posts: 8
Rep:
|
activity tracking
I am trying to find a way to block random users from tracking my PC and internet surfing activities. By tracking I am referring to the use of a program such as Spector Pro.
Thank you.
|
|
|
04-29-2007, 01:22 AM
|
#2
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
you're gonna need to be a little more specific... what do you mean by "random users"??
are you looking to prevent people (such as your ISP, for example) from reading your traffic?? or are you talking about keyloggers and the like, which are installed on the local machine?? if it's the former, a tor/privoxy cocktail should do the trick.. if it's the latter, well, the natural *NIX account privilages should suffice (as long as you don't let others use your account)...
Last edited by win32sux; 04-29-2007 at 01:27 AM.
|
|
|
04-29-2007, 03:05 AM
|
#3
|
Moderator
Registered: May 2001
Posts: 29,415
|
If we take the product you refer to, from what I have read, it tries to monitor your every move on the 'net. It also alerts the admin if the computer is used in ways not intended. So it probably is a combination of combing traffic for keywords, keylogger, registry watcher and such. As such having traffic routed through a proxy is not enough since it doesn't cover any local components. The only way to bypass that would be to run something that doesn't alter anything on disk, like booting a Live CD plus having traffic between you and your first remote proxy encrypted. While there's a lot you can do with Privoxy and Tor, the overhead the service creates sometimes makes using it slow and it can't be used for proxying all kinds of services over Tor (large volume data, P2P and other Tor exit policies).
The thing is these type of products are Windows-only AFAIK so I doubt this really is a Linux Security question or having to do with security at all. If tracking applies to a home or workplace situation you should think twice: the moment you change settings you are deliberately dodging tracking and I wouldn't be surprised if that got noticed. Supervision is set up for specific reasons, you most likely are *not* authorised to thwart it and we at LQ don't see how we should aid you with more than a few general hints. Be cautious how you proceed.
|
|
|
04-29-2007, 04:02 AM
|
#4
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
hi unSpawn... yeah, i assumed j447ft was/is root... if someone else is root, that changes everything, and the relevant clause of the LQ Rules would be invoked... basically, i was thinking along the lines of "How do I make sure no guest users on *my* system install spyware on *my* box?" (pretty black and white) and "How do I increase my level of privacy, with regards to possible ISP snooping?" (sort of a grey area)... @j447ft: at this point, you should definitely clarify your question, and the intentions you have...
Last edited by win32sux; 04-29-2007 at 04:10 AM.
|
|
|
04-29-2007, 07:00 AM
|
#5
|
LQ Newbie
Registered: Apr 2007
Posts: 8
Original Poster
Rep:
|
Thanks to everyone for their replies. The type of tracking that I am referring to is not the one that is done at the server. But, I am trying to block some random users from watching my Computer and Internet activities by using spyware, keyloggers, and different registry software.
|
|
|
04-29-2007, 09:08 AM
|
#6
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
we still don't know what you mean by "random users"...
Quote:
Originally Posted by j447ft
Thanks to everyone for their replies. The type of tracking that I am referring to is not the one that is done at the server. But, I am trying to block some random users from watching my Computer and Internet activities by using spyware, keyloggers, and different registry software.
|
that's fine and all, but before anyone helps you, we really need to know whether you are:
a) looking to bypass this monitoring software which is already installed on the computer you are using, or
b) asking how to prevent this type of software from being installed on your own computer, or
c) something else (explain)...
you need to be clear, because this thread is very borderline right now, and unless you clarify it might be closed, in accordance with our anti-cracking rule...
BTW, registry is an interesting choice of word... the machine you are talking about isn't running Windows by any chance is it?? what OS is it running??
Last edited by win32sux; 04-29-2007 at 09:27 AM.
|
|
|
04-29-2007, 09:59 AM
|
#7
|
LQ Newbie
Registered: Apr 2007
Posts: 8
Original Poster
Rep:
|
[QUOTE=win32sux]we still don't know what you mean by "random users"...
that's fine and all, but before anyone helps you, we really need to know whether you are:
a) looking to bypass this monitoring software which is already installed on the computer you are using, or
b) asking how to prevent this type of software from being installed on your own computer, or
Both a and b.
1) I want to be able to identify this software and delete it.
2) I want to prevent this software from being installed on my system in the future.
|
|
|
04-29-2007, 11:43 AM
|
#8
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Quote:
Originally Posted by j447ft
I want to be able to identify this software and delete it.
|
one way to know when this, or other type of malware, is installed on your box is with a host-based intrusion detection system (such as AIDE, for example)... these will alert you whenever one of your system files is changed, etc...
keep in mind that installing these after your install has been exposed to a network and/or after you've already become suspicious that it's been cracked would greatly harm its level of trustworthyness, possibly even rendering it useless - it's important that you install these checkers right after an unexposed fresh install from trusted media...
another thing to consider is the permissions on whatever was changed, because if it's something that required root permissions, then your box has likely been completely compromised and you should not trust it until basic forensics have been completed (it's important to find-out how the security breach occured) and the problem has been fixed (which might or might not have required a full re-install)... see this link: http://www.cert.org/tech_tips/win-UN...ompromise.html
even if the attacker didn't get root, it would be terrible if they got your personal account, because that would still mean they had access to all your personal files (which the attacker could have trojanized, etc.)... you can't re-install your documents, so make sure you have a good backup system to separate media...
Quote:
I want to prevent this software from being installed on my system in the future.
|
once again, what operating system are you on??
and what are these "random users" you speak of??
Last edited by win32sux; 04-29-2007 at 11:46 AM.
|
|
|
04-29-2007, 12:17 PM
|
#9
|
LQ Newbie
Registered: Apr 2007
Posts: 8
Original Poster
Rep:
|
Thank you very much for your response.
once again, what operating system are you on??
Currently, I have Linux and Windows installed on my machine. I can't access my Linux partition so I am working in Windows. My long term plan is to switch to Linux.
and what are these "random users" you speak of??[/QUOTE]
These are not the big guys ;-). These are ordinary people monitoring what I do on my Computer and on the Internet.
|
|
|
04-30-2007, 04:37 AM
|
#10
|
Moderator
Registered: May 2001
Posts: 29,415
|
Clearly this question is not about Linux Security. What's more important, since your have not cleared up your situation in detail in a (for us) satisfactory way, it is clear to me you are not authorised to change your machines configuration to circumvent monitoring. LQ helping you with that would be against the LQ Rules.
Thread closed.
|
|
|
All times are GMT -5. The time now is 10:58 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|