[gentoo-user] advice on security and keyloggers

[gentoo-user] advice on security and keyloggers

[Jerry Turba]

I've heard a lot lately about software keyloggers that can be installed 
on a computer while surfing the net, and how big a security problem they 
have become. What is the Linux/Gentoo approach to block keyloggers? I do 
not run any antivirus or anti spyware programs (I don't even network 
with Windows) only Shorewall.
Are keyloggers a form of a virus and do not present a great danger to 
Linux? Should I be safe if I keep up on updates and the glsa?

Thanks for any info.
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] advice on security and keyloggers

[Dale]

Jerry Turba wrote:

> I've heard a lot lately about software keyloggers that can be
> installed on a computer while surfing the net, and how big a security
> problem they have become. What is the Linux/Gentoo approach to block
> keyloggers? I do not run any antivirus or anti spyware programs (I
> don't even network with Windows) only Shorewall.
> Are keyloggers a form of a virus and do not present a great danger to
> Linux? Should I be safe if I keep up on updates and the glsa?
>
> Thanks for any info.

I would assume that you would have to install the keylogger on Linux, if
you wanted it.  Linux is not like windoze.  It is a bit hard to install
something and you not know it.  I get emails with viruses all the time
and I click on them, I have never got any infection though.  Basically,
if you type in emerge <keylogger> then it will get installed.  If you do
not do that, I wouldn't be worried about it.  Linux, even in a basic
setup is just not going to run a windoze program or install a windoze
virus.  I seem to recall reading somewhere that 99.99% of viruses are
for windoze.  The only one you have to really worry about on Linux is a
rootkit, unless you have a very very old setup.

If you have wine or some other windoze emulator thingy, then you may can
get it then but from what I have read it is confined to the wine part
and does not affect Linux itself.

All that is based on what I have read.  I don't have windoze here, I
don't run Wine either.  I wouldn't buy a computer that has windoze on
it.  If someone gives me wone that does have windoze on it, I format the
drive and install Linux.

Dale

:-)

-- 
To err is human, I'm most certainly human.

I have four rigs:

1:  Home built; Abit NF7 ver 2.0 w/ AMD 2500+ CPU, 1GB of ram and right now two 80GB hard drives.  
2:  Home built; Iwill KK266-R w/ AMD 1GHz CPU, 256MBs of ram and a 4GB drive.
3:  Home built; Gigabyte GA-71XE4 w/ 800MHz CPU, 128MBs of ram and a 2.5GB drive.
4:  Compaq Proliant 6000 Server w/ Quad 200MHz CPUs, 128MBs of ram and a 4.3GB SCSI drive.

All run Gentoo, all run folding. #1 is my desktop, 2, 3, and 4 are set up as servers.  

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] advice on security and keyloggers

[Jerry Turba]

Dale wrote:

>Jerry Turba wrote:
>
>  
>
>>I've heard a lot lately about software keyloggers that can be
>>installed on a computer while surfing the net, and how big a security
>>problem they have become. What is the Linux/Gentoo approach to block
>>keyloggers? I do not run any antivirus or anti spyware programs (I
>>don't even network with Windows) only Shorewall.
>>Are keyloggers a form of a virus and do not present a great danger to
>>Linux? Should I be safe if I keep up on updates and the glsa?
>>
>>Thanks for any info.
>>    
>>
>
>I would assume that you would have to install the keylogger on Linux, if
>you wanted it.  Linux is not like windoze.  It is a bit hard to install
>something and you not know it.  I get emails with viruses all the time
>and I click on them, I have never got any infection though.  Basically,
>if you type in emerge <keylogger> then it will get installed.  If you do
>not do that, I wouldn't be worried about it.  Linux, even in a basic
>setup is just not going to run a windoze program or install a windoze
>virus.  I seem to recall reading somewhere that 99.99% of viruses are
>for windoze.  The only one you have to really worry about on Linux is a
>rootkit, unless you have a very very old setup.
>
>If you have wine or some other windoze emulator thingy, then you may can
>get it then but from what I have read it is confined to the wine part
>and does not affect Linux itself.
>
>All that is based on what I have read.  I don't have windoze here, I
>don't run Wine either.  I wouldn't buy a computer that has windoze on
>it.  If someone gives me wone that does have windoze on it, I format the
>drive and install Linux.
>
>Dale
>
>:-)
>
>  
>
My system is very similar to yours; no windows, no emulators, etc. I 
wasn't sure what kind of program the keyloggers were; virus or rootkit. 
Of course I would not intentionally install a keylogger or rootkit. I 
wanted to know what other thought about keyloggers since I rarely see 
them discussed in Linux groups.
Thanks for the confirmation that I don't have to worry about them.

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] advice on security and keyloggers

[Dale]

Jerry Turba wrote:

> My system is very similar to yours; no windows, no emulators, etc. I
> wasn't sure what kind of program the keyloggers were; virus or
> rootkit. Of course I would not intentionally install a keylogger or
> rootkit. I wanted to know what other thought about keyloggers since I
> rarely see them discussed in Linux groups.
> Thanks for the confirmation that I don't have to worry about them.
>
I think most of the keyloggers are installed by clicking on attachments
in emails that have a windoze executable, which installs the keylogger. 
They can also come in as "free" software as well.  Those programs are
written for windoze and if you do click on them in Linux, it will pop up
a window and ask what you want to open it with.  Linux without a
emulator type thing installed does not know what to do with a *.exe
file.  You only have to worry about it if you use windoze though.

Most of the viruses, trojans and other malware are written for windoze
for two reasons, (1) windoze is not secure and will install anything at
the drop of a dime, and (2) most people use windoze.  There is also the
fact that even though people tell them not to open attachments, they are
still stupid enough to do it anyway.  :(  I am convinced there are three
kinds of people that use windoze, idiots, people with a gun to their
head, that being M$ of course, people that have to for work, specific
programs that are not available to Linux, some games in that too.  LOL
LOL  No flaming please.  I just can't see what makes people think
windoze is so great is all.  Windoze sucks.  It is buggy, unsecure and I
could go on forever.

Back to the basics, if you use Linux and don't have Wine or something,
surf to your hearts content.  If you are security minded about someone
knowing where you have been, clear the cache out from time to time.

Dale
:-)



-- 
To err is human, I'm most certainly human.

I have four rigs:

1:  Home built; Abit NF7 ver 2.0 w/ AMD 2500+ CPU, 1GB of ram and right now two 80GB hard drives.  
2:  Home built; Iwill KK266-R w/ AMD 1GHz CPU, 256MBs of ram and a 4GB drive.
3:  Home built; Gigabyte GA-71XE4 w/ 800MHz CPU, 128MBs of ram and a 2.5GB drive.
4:  Compaq Proliant 6000 Server w/ Quad 200MHz CPUs, 128MBs of ram and a 4.3GB SCSI drive.

All run Gentoo, all run folding. #1 is my desktop, 2, 3, and 4 are set up as servers.  

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] advice on security and keyloggers

[Richard Fish]

On 12/9/05, Jerry Turba <jturba@nethere.com> wrote:
> Should I be safe if I keep up on updates and the glsa?

As long as your X configuration is reasonably secure, yes.  But if you
do something silly like run "xhost +", then any remote user can
connect to your X server with xev and log keystrokes.

Generally though if you stick with the default configuration, keep
current with security updates, and avoid running services you don't
need, you have nothing to worry about.

-Richard

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] advice on security and keyloggers

[Jerry Turba]

Richard Fish wrote:

>On 12/9/05, Jerry Turba <jturba@nethere.com> wrote:
>  
>
>>Should I be safe if I keep up on updates and the glsa?
>>    
>>
>
>As long as your X configuration is reasonably secure, yes.  But if you
>do something silly like run "xhost +", then any remote user can
>connect to your X server with xev and log keystrokes.
>
>Generally though if you stick with the default configuration, keep
>current with security updates, and avoid running services you don't
>need, you have nothing to worry about.
>
>-Richard
>
>  
>
Thanks Dale and Richard for the info.
-- 
gentoo-user@gentoo.org mailing list