SlackwareThis Forum is for the discussion of Slackware Linux.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Um, i'm not a hacker or hacker expert, lol, but the impression i got was that hackers don't normally go about boasting their abilities to everyone and anyone? Are you sure this guy just didn't know one or a couple of common known vulnerability and used them to exploit your machine; if this is the case, then it won't take long for the problems to stop, now you've taken even this little bit of action.
There is already sufficient advice in this thread. Just one more aspect: since obviously there is no relationship of trust between you and your employer you should use the time while they pay you to find alternative employment. I am unfamiliar with US law, but over here the actions of the "security expert" are subject to criminal law. Ie. once reported to the police the crown prosecutor or state attorney will take matters into his hands. In order to make them hit as hard as possible you need to collect unrefutable evidence. Good luck.
So it is fear or hate, just to make it more confusing.
What I don't like is them flaunting their homosexuality just because they can, in all these gay parades and s***. Honestly, I don't care what they do in their rooms, but to flaunt it like that is sick, IMO. I can't say I hate them, but I don't like being around them. There is also the increased chance of spreading STDs.
You know I think this thread has gone off topic and has run its course. I hope someone closes it.
In my job, I have to deal with a fairly psychopathic and untrustworthy person who is unfortunately the company's computer security expert, who is also an admitted hacker.
Without hackers there would be no Slackware for you and probably no internet either.
I recently installed Slackware to prevent him from spying on my basic activities, deleting my windows and moving my mouse pointer, as he did when I had Windows on my PC.
You call it spying; how do you know he's not just doing his job? I look after a couple of small- to medium-sized businesses and part of my brief is to ensure the users don't bring malicious software into the network deliberately or inadvertently. This occasionally involves a quick check-up via remote access - the permission of the employer is taken for granted and the employees understand, rightly or wrongly, that the expertise of the network admin - i.e., me - is likely to be greater than their own expertise, so they leave me to it. Anyone changing the operating system on a PC belonging to the business would in all likelihood be sacked straight away.
However I now need to make sure he isn't going to do the same with my Slackware installation. Other than reinstalling Slackware periodically, what can I do to detect spyware like a keylogger, or to detect that he has rootkitted commonly used parts of the distro to provide a backdoor etc?
Not a lot. Malicious software is always ahead of the curve. Unless you're a security expert who dedicates his time to malicious software research you won't be able to cover all angles. In my opinion the best security is provided by a default install of operating systems like NetBSD and OpenBSD. BSD Magazine ran an article on OpenBSD desktops in the enterprise recently, but I very much doubt if your company would go along with it.
It is difficult if he has physical access to the machine, so yes encrypting the drive would be a very good idea to prevent a Myjad keylogger in the first place. I would also use a BIOS or boot password to prevent him from messing things up there, or booting other disks.
If you can't do that, you can use rkhunter, chkrootkit, and clamav to detect rootkits, viruses, malware, etc ... assuming he doesn't mess with them.
Personally, I would catch him on video and report him to the authorities, because this is not legal.
Most people thing of keyloggers as malicious software, but don't forget about hardware keyloggers that can be plugged into a USB port. Obviously these are easy to detect on a laptop, but on a desktop they could potentially go unnoticed for months.
Beyond checking to make sure nothing unwanted is plugged in, you can choose from a number of free software options that detect keyloggers. Two of the better free choices, although pay versions are available for both are Zemana and SpyShelter.
I don't know you, and I've never heard of either of those, but as a general observation: downloading and running an executable that some anonymous and unknown person on a forum recommends to you will make you more likely to install a keylogger than detect one.
Anyway, this is a 2 year dead topic and thread-necromancy is generally discouraged here at LQ, Please don't revive old threads.