Re: Spyware which tracks keystrokes?

From: Steve Horsley (shoot_at_the.moon)
Date: 03/24/04

  • Next message: Steve Horsley: "Re: Spyware which tracks keystrokes?"
    Date: Wed, 24 Mar 2004 22:58:44 +0000
    
    

    dulcie wrote:
    > jealousxmp@aol.commonplace (jealous xmp) wrote in message news:<20040323143512.19230.00000224@mb-m24.aol.com>...
    >
    >
    >>Internet Explorer exploit. AIM exploit. Social engineering. Several ways to
    >>get the software on there.<
    >
    >
    > I'm not familiar with those. Do they get the software onto a
    > computer remotely *without* the user having to click on an .exe file
    > which has turned up in their mail?
    >
    Yes.

    Internet Explorer and MS Outlook have well known bugs that can be used to
    launch programs without the user's knowlege. Always keeping your copy up
    to the latest patch level can help a bit. The ones that don't need the user
    to click an attachment are a little harder to do, hence "social engineering"
    which tricks users into clicking attachments by pretending they're something
    you might want to see - Microsoft updates, topless girlie pics, rejected
    email messages.

    >>Some keyloggers and trojans hide from antivirus and can circumvent software
    >>firewalls. Many hardware firewalls (in small office / home office) allow
    >>relatively unfettered outbound access so the trojan can use email, ftp, or a
    >>reverse connect.
    >
    >
    > I'm told that Norton Personal Firewall checks every internet
    > communication and warns you if its initiated
    > by a programme you have not authorised to access the internet (such as
    > a
    > trojan). Any comments anyone?
    >
    >
    He spoke the truth. Believe it.

    >>Get a real trojan detector like TDS 3, or the easier to use Tauscan or
    >>TrojanHunter. They can hide from AV so you could boot in safe mode (maybe?) or> mount the disc from another drive.>> There is also a grey area with trojans. Stuff like DameWare will not generally
    >>be detected because it's a "legitimate" commercial product. Yet Back Orifice
    >>will be detected cause it's more "malicious." Kind of silly and really just a
    >>matter of semantics.<<
    >
    >
    > Exactly - the product I mentioned in the original post is sold as
    > something a parent can use to log everything their kids do... and you
    > must sign an agreement that you will tell the user you're going to put
    > it on their computer haha - funniest thing I've heard in a while.
    >
    >
    >>>If you are worried about AIM exploits, use GAIM instead. <<
    >
    >
    > What are those? Sorry- still learning all the jargon...
    >
    Don't know that one myself.


  • Next message: Steve Horsley: "Re: Spyware which tracks keystrokes?"