Security :: Keylogger Showing Log
Dec 17, 2010Its showing like this type of log )t(t)e(e)x(x)(t)t(<Shift>)(<Shift>)^[[3;2~(KP.)^[[3;2~^[[3;(<Del>)(<Del>)(<Del>
View 2 Replies
ADVERTISEMENT
Slackware :: How To Detect Keylogger
Jun 4, 2011I have to deal with a fairly psychopathic and untrustworthy person who is unfortunately the company's computer security expert, who is also an admitted hacker. I recently installed Slackware to prevent him from spying on my basic activities, deleting my windows and moving my mouse pointer, as he did when I had Windows on my PC. However I now need to make sure he isn't going to do the same with my Slackware installation. Other than reinstalling Slackware periodically, what can I do to detect spyware like a keylogger, or to detect that he has rootkitted commonly used parts of the distro to provide a backdoor etc? BTW I've never considered encrypted a hard drive but now that I'm dealing with this idiot I would be open to that.
View 14 Replies View RelatedUbuntu :: Running Inside Windows/Keylogger Detection Possibility
Dec 22, 2010Let's say I install Ubuntu in a way that I use VirtualBox with it, so I can run it inside of Windows.
If you use a Linux-incompatible keylogger such as eBlaster on my computer, will it still record my keystrokes because I'm running it in Windows? Or will it be unable to detect anything since I'd be typing in Ubuntu?
General :: Install A Rootkit Or Keylogger On The Unix Operating System
Jan 24, 2010I have a projet at university, and i need to install a rootkit or keylogger on the unix operating system, i have searched over the internet and i have found names of rootkits but i couldnt download or get the source code for the rootkit. Does anyone know where to find a rootkit or keylogger to use?
View 5 Replies View RelatedUbuntu Security :: Firewall Showing SSH Attempts Quite Often
Sep 30, 2010I'm running the firestarter firewall and its been showing the odd ssh attempt quite often. e.g. I've had 4 attempts today, 3 in the last 40mins. I realize that this may be nothing to serious but it's got me curious, aside from having a secure password (which I have) is there anything that else that I can do to ensure that my system is as secure as possible from ssh? I do use ssh within my home network so I don't want to disable it completely.
View 9 Replies View RelatedUbuntu Security :: Firestarter Showing Serious Inbounds?
Apr 27, 2011i just installed Firestarter firewall and it is showing me 12 serious inbounds after an hour.Is it a serious matter ? What should i do ?
View 3 Replies View RelatedSecurity :: Active Connections Showing In Firestarter 1.0.3?
Feb 26, 2010I am running Firestarter on Ubuntu 9.10 64 bit. I have noticed several times that after closing all web apps (Firefox, Thunderbird) that some entries remain under the heading "Active connections" on the Firestarter "Status" tab. Often these show no source program. Currently I have 2 showing which show Firefox as the source. These persist after Firefox is shut down. I have verified that no Firfox process is running. And both of the IPs point to google.I have Disconnected eht0 and they still show. I have logged out and back in and they still show. I must reboot the machine to make these entries go away. Which makes me think perhaps this is a bug in Firestarter(?) Is there another way I can identify truly active connections?
View 2 Replies View RelatedUbuntu Security :: Found LKL And Can't Remove - Isn't Showing Up In Synaptic
Apr 7, 2010I found LKL on my computer. I need to remove it. It isn't showing up in synaptic and i can't figure out how to remove it. SUDO apt-get remove lkl tells me this. E: Couldn't find package lkl. i can't find it with the search and with google.
View 4 Replies View RelatedSecurity :: Trace Route From Home Showing Suspicious Hop Just Outside LAN?
Mar 15, 2011I know this post isn't strictly linux based, but since the system in question appears to be using Linux and I am as well I decided to post this here. In doing other network playing with Ubuntu Sever 10.10 I noticed that on all traceroutes I did to any IP the second hop from my house jumped through a connection on IP 24.96.153.61 which I think should only be another dynamic IP Knology.net customer...
In scanning the IP I now know that its a Juniper Junos Router 9.2R1.10 (Probably running on some VMware based on googling?) Open ports show: 22 ssh openSSH 4.4 v. 1.99 23 telnet Openwall GNU/*/Linux telnetd
At first I thought this was just a legit Knology.net DNS server or something, but using such outdated versions and freeware... I feel suspiciously like this is something else. Also, why in the world would knology allow remote access to their mainframe equipment? Seems that if it were ever breached it would be beyond terrible for the ISP...
Finally, why can't people not SSH into my box from the outside if I have MAC address filtering on? Anyone know anything about this or am I just being paranoid? I'm a noob, so knowing too little about all this is probably more the problem?
Ubuntu Security :: Hiding Files Without Showing Up When Ctrl+h Is Pressed
Jun 19, 2010I want to be able to hide things so that they do not show up when show hidden files is pressed. Maybe something like a file that you can only get to by already knowing its location?
View 3 Replies View RelatedGeneral :: Keylogger - "/use/bin/install: Cannot Execute Binary File"
Aug 12, 2010I have downloaded a file called logkeys-0.1.1a. I unzipped it, but when I try to install (i type "sh install"), it says "/use/bin/install: cannot execute binary file".
View 11 Replies View RelatedFedora :: Evolution 2.32.2 - Not Showing Html Websites Showing Up In Email Like Venison Sending A Promo
Aug 7, 2011Having one issue with evolution not showing html websites showing up in email like verizon sending a promo. I have gone to edit, preferences, mail preferences, html messages and have always load images from the internet chosen. I have also added sender to contacts. Even if I right click message and tell it to dload images it doesn't.
View 1 Replies View RelatedSoftware :: USB Mounting Error In Ubuntu 7.10 / Showing Cant Mount When I Clicked Details Its Showing Bad Blocks?
Dec 12, 2008I would like to know when usb inserted, its showing cant mount when i clicked details its showing bad blocks in beginning , and smething in /dev/sd6. Can i knw why usb drive cant be mounted automatically , even if its set to do so, and to cope the error mentioned above
View 1 Replies View RelatedGeneral :: Screen Not Showing On Laptop But Showing On Projector When Connected
Apr 18, 2011When I try to connect a projector to my laptop (already running) and hit the fn+f7 (the designated button for switching screen), nothing happens. I see "no source found" on projector screen and my laptop screen works perfectly. Now if I restart the laptop with the projector connected, I see all the intial booting messages on the projector screen (not on my laptop), then the gnome login screen appears on both the projector screen and laptop (when the login screen appears on laptop it looks like it has lower resolution than my usual laptop resolution). But immediately after I log in, my laptop screen goes blank, and projector screen becomes the only active screen.
If I restart without the projector, again all normal operation on laptop screen is restored.
I feel like I am missing some very silly options. Any help is appreciated.
Here is the output of xrandr when the laptop is connected:
Code:
Fedora Security :: Script To Add Security Spin Tools To Normal Installation
May 22, 2011love security/pentest tools. This script adds ALL the tools from the Security Spin, plus Metasploit. Feel free to modify it if need be.
View 12 Replies View RelatedUbuntu Security :: Login Panel Is Worse From Security View Point
Jan 19, 2010ubuntu 9.10 login panel is worse with respect to ubuntu 8 since now all the users with names are shown without a way to hide them!Why don't keep the old way at least as an option?
View 5 Replies View RelatedUbuntu Security :: Selecting The 'Available To All Users' Option In Network Mgr Mess With Security?
Oct 15, 2010To avoid having to input a password for the keyring each time I connect to the net via wireless, I enabled the 'Available to all users' option in Network Manager. Now, my question is this. Are the 'users' it refers to just those created on this machine? Would a drive-by be able to use my network without entering the password?
View 3 Replies View RelatedUbuntu Security :: Basics Of Good Security Of Small Commercial Website?
Jan 17, 20111. I understand you can protect your files or directories in your website by setting file/directory permissions. The meaning of r w x is clear to me, but I'm not sure how to proceed... Starting with the index.html file, if I wanted to make it so that anyone in the world can read it but can't modify it, do I set its permissions to rwxr-xr-x? If I set it to rwxr--r--, would that mean the file couldn't be served? I mean, what does the x setting do on a .html file, how can a .html file be executable?
2. If file permissions work on the lines of owner-group-others, in the context of a website, who is 'group'? As far as I can tell, there's only the owner, which is me, and others, which is the world accessing the site. Am I correct in thinking that by default, say when creating a website on a shared hosting server, there is no group unless I specifically set one up?
3. My ISP allows the DynDNS.org service, meaning that I could serve a website from my home. It's too early to go that route just yet, but for future reference, I would like to ask about the server software called Hiawatha. It is said to be secure, but having read some evaluations of it, it doesn't seem to offer anything that couldn't be accomplished with Apache or Cherokee, it's just that its security settings are simpler and easier to configure. Am I right about this? Or does Hiawatha truly offer something that the other major server packages don't?
Fedora Security :: Wierd SeLinux Security Alerts \ Got:Code:Summary: System May Be Seriously Compromised?
Apr 13, 2011this is the allert i got:Code:Summary:Your system may be seriously compromised! /usr/sbin/NetworkManager tried to loada kernel module.Detailed Description:SELinux has prevented NetworkManager from loading a kernel module. All confinedprograms that need to load kernel modules should have already had policy writtenfor them. If a compromised application tries to modify the kernel this AVC willbe generated. This is a serious issue.Your system may very well be compromised.Allowing Access:Contact your security administrator and report this issue.Additional Information:
Source Context system_u:system_r:NetworkManager_t:s0
Target Context system_u:system_r:NetworkManager_t:s0
Target Objects None [ capability ]
[code]....
Ubuntu Security :: Updated Browsers Using Update Manager Have Lost Security Login Pages For Web Mail?
Mar 3, 2011i updated both browsers i have and lost my secure log-in pages (no padlocks showing ) concerning different Web mail accounts.Just before i did these updates i checked an unrelated thing on-line regarding my sound card of which i kept a copy of and got this message below :
!!ALSA/HDA dmesg
!!------------------
[ 12.762633] cfg80211: Calling CRDA for country: AM
[code]....
Fedora Security :: What Security Measure's Should Be Taking To Make Box Little Less Vulnerable?
Apr 7, 2009I'm just curious as to what security measure's I should be taking to make my box a little less vulnerable? I'm still experimenting/playing with Linux, use the net, IM, download this and that and was wondering how secure fedora 10 was out of the box?
View 12 Replies View RelatedFedora Security :: Security Risk Of An Unencrypted /boot Partition?
Apr 8, 2009During a recent install I made the leap to encryption,but /boot must remain unencrypted.Is there really any legitimate security risk to having an unencrypted /boot partition? I mean basically someone can just see what kernel you're running which they could see during boot anyways right? Oh I and keep all my financial documents in /boot/finances/ (haha ok not really, but I am serious about the first part).
View 5 Replies View RelatedFedora Security :: Install Security Lab Menu On A Normal 13 Installation?
May 30, 2010Is it possible to install security lab menu on a normal Fedora 13 installation? I don't want to use security spin.
View 14 Replies View RelatedSecurity :: Write A Shell Script Setup Security Policies?
Feb 3, 2010Is there a way to delete files on the commandline that uses the KDE-Wastebin?It appears that I never ever need the KDE4 Wastebin for files that I deleted through Konqueror or Dolphin. It is only when I delete files on the konsole with rm that I wish I could undelete them. It always happens like that, mostly by being in the wrong directory or using a wildcard when I should not have. (I don't have any erroneous deleted file right now, and I do have plenty of backups, but I just wonder whether there is something better than rm to use generally on the commandline.)
View 9 Replies View RelatedUbuntu Security :: Internet Security Status Feeds Via Conky?
Mar 29, 2010Conky can be used to display a variety of information on the users desktop. I wanted to use Conky instead to display the current status of security as reported by:
SANS Internet Storm Center
IBM Internet Security Systems
Symantec Threatcon
McAfee Threat Center
I therefore created 4 small scripts which download the current status from these sites, and set the colour of those status's depending on the current value.The conky configuration allows for a semi-transparent background - though this is optional.Attached is an example image showing the 4 different colours.Also attached is an archive with the 4.sh files, .conkyrc and draw_bg.lua (from here http:[url].....
Ubuntu Security :: Guidance On Installing Basic Security Software?
May 29, 2010I just installed Ubuntu on a desktop. Can anyone give me some guidance on installing basic security software? In particular, I'm looking for a firewall, antivirus, and anti-spyware/malware utilities.
View 2 Replies View RelatedUbuntu Security :: Changing Password Seem To Be Potential Security Hazard?
Aug 3, 2010I already posted a topic similar to this concerning the Desktop OS version, but this deals with the Netbook because unlike the Desktop, the Netbook is less cooperative. Allow me to elaborate: Today (or rather yesterday since it's not after midnight where I am), I changed my password because I was hopelessly confounded about how to get my Wireless Network card up and running after it had been installed and I was allowing my dad to use it. This issue has since been resolved, however...
When I chose my password during the original installation, there was no mention of it being "too simple." This is where the Desktop OS and the Netbook OS differ. The desktop will let me change it in the terminal without any errors. The Netbook will not. When I've attempted to revert it back to the original, it will not let me do so in the User Profile or in the Terminal. The Passwords and Encryption Keys application also does not appear to help.
So now even after I've changed it to a different "complicated" password I am still prompted to insert two different passwords since I changed my user password but I am unable to change the password I input during the installation. A bit screwy methinks. This is extremely important. I'd like to know how to change the original installation password.
If I can't change the main password on my laptop then this is a serious potential security breach just waiting to happen (especially since it's on a laptop and I will be hauling it around with me) and I will most likely install a different OS if this isn't resolved --- It would be very unfortunate since I spent the whole day fixing it and I really enjoy the interface. Luckily I can live with this on my Desktop since I'm not going to be hauling it around with me everywhere when the school year starts.
Ubuntu Security :: Router - Port Forwarding And Network Security
Nov 11, 2010As it stands I have a small home network operating behind my modem/router. Some of the ports on this are forwarded to my PS3 for gaming but I was looking at forward some for my file server.
At the moment I've forwarded port xxx22 to port 22 on my server for SSH for instance. ANd similarly 21 for FTP (although it doesnt seem to want to connect for any more than a few seconds using that). What I was thinking of doing was placing a small website for a handful of ppl to use on the server too and port forward again - xxx80 to 80. It works just fine but I'm a little concerned on the security front.
As I've moved the port to something different from the outside world I'm presuming I will have already cut the potential for malicious folks to wander in but is there anything else I should be doing? At the moment there's no firewall operating on the server, usually as its hidden behind the modem/router. But if I open this thign up more permanently what should I be doing? I've read a few articles on it but I'm always left with the overwhelming thought of "Thats if theres no firewall in my router" as they just seem to do the same.
Ubuntu Security :: Is Posting The Hardware Address A Security Risk
Feb 28, 2011When posting results from ifconfig, it shows the hardware address of etho, etc. Would you consider that to be a security risk ?
View 9 Replies View RelatedUbuntu Security :: Installing LAMP Server On Laptop - Security?
May 8, 2011I'm concerned about security of having a LAMP server on my laptop as having any server makes the system less secure. However, if I were to create a new partition and install a lamp server on that and only use it when offline, would the security of my main partition be affected at all?
View 3 Replies View Related