On 12/13/05, Ravi Kumar <[EMAIL PROTECTED]> wrote:
> That conversation set me wondering ... How immune is a linux system
> from someone hacking the system and including a key logging utility
> with out the users knowledge. I know that certain distributions have
> all the ports closed by default. Does having all ports closed alone
> circumvent this problem?
#include <vast_oversimplification.h>
The reason why there are fewer Linux key loggers and such exploits is
the user-level secutity that unices have. To install some software, a
user needs root privileges. So, if a u user is working only as a
normal user and they download and run whatever trojans they do only
under their own identity, they never compromise more than themselves
(i.e. the other users of the system are safe).
Having ports closed, while a good move to prevent crackers from using
vulnerabilities in your servers from breaking into our machine, is not
an indicator that you are keylogger less.
> And what precautions should be taken for the
> same.
Good common sense sys admin skills.
> I am also aware of using firewalls (I use firestarter on my system).
> But if suppose some penetration has happened, as a home user, how do I
> find out ? and what are the options before me to sanitise my system ?
A rootkit detector will be a good starting point.
Thaths
--
"Facts are meaningless. You could use facts to prove anything that's even
remotely true!" -- Homer J. Simpson
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_idv37&alloc_id�865&op=click
_______________________________________________
linux-india-help mailing list
linux-india-help@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-india-help
