Re: key loggers
mooreted wrote:
> It takes social engineering to install rootkits, malware, viruses and
> key loggers on Linux. You have to convince the user to enter their root
> password to install the object. User-space, kernel-space, hardware-space
> are all seperate in Linux. Drive-by infections don't occur in Linux
> because of this and the fact that Linux doesn't support Active-x
> controls.
>
That is one way but there are other ways besides social engineering to
do this. Crack a weak user password and you are set, crack a weak root
password and you most likely will never find out it is on there.
> Unless someone who knows your root password sat down at your computer
> and installed a key-logger; you don't have one.
>
Unless you had a vulnerable service running and they got in that way. Or
brute forced an account via ssh. There are tons of ways to break in
besides social engineering or drive-by infections. To think you are
invulnerable (not saying you do) because of the way linux is built is
just false.
|