key loggers

[dobby9]

I hope this is the right forum to ask my question.
Is there a difference in key loggers ?
What I mean is key logger that works under Windows
does it also works under Linux.
Are there known key loggers that works under Linux.
And if that is the case what can we do to detect it , or privent that it get installed.
regards
dobby9

[ken_yap]

Key loggers are just programs that run in the OS. So a Windows key logger would not work under Linux simply because it's a Windows program. You would have to write a Linux key logger.

Sure, it's possible to create a key logger under Linux too. If I hand you a computer with Linux installed which I have modified, you may not be able to tell if I have installed something that logs everything you do. The question really is, can a key logger be installed by a virus or by malware acquired from unsafe web browsing. Then, the answer for Linux is just like for other malware: the chance is much much smaller than for Windows.

To be safe for secure transactions you should to use your own computer, and not use other people's computers. (This is assuming that you keep your computer well maintained, of course.)

[mooreted]

It takes social engineering to install rootkits, malware, viruses and key loggers on Linux. You have to convince the user to enter their root password to install the object. User-space, kernel-space, hardware-space are all seperate in Linux. Drive-by infections don't occur in Linux because of this and the fact that Linux doesn't support Active-x controls.

There have been some Linux and Unix viruses throughout history but in every case the server admins did not patch their systems or follow best-practices for securing servers.

For desktop computers, even though we have almost the market share of Apple systems, we still have not seen infections. Despite what the Microsoft horde will tell you, this is not due to lack of targets because of small market-share. People are trying to infect Linux systems because it would be big news when somebody actually accomplished infecting a Linux system with a virus or spyware. It is the structure of Linux that makes writing viruses difficult.

Unless someone who knows your root password sat down at your computer and installed a key-logger; you don't have one.

[69_rs_ss]

mooreted wrote:
> It takes social engineering to install rootkits, malware, viruses and
> key loggers on Linux. You have to convince the user to enter their root
> password to install the object. User-space, kernel-space, hardware-space
> are all seperate in Linux. Drive-by infections don't occur in Linux
> because of this and the fact that Linux doesn't support Active-x
> controls.
>
That is one way but there are other ways besides social engineering to
do this. Crack a weak user password and you are set, crack a weak root
password and you most likely will never find out it is on there.

> Unless someone who knows your root password sat down at your computer
> and installed a key-logger; you don't have one.
>
Unless you had a vulnerable service running and they got in that way. Or
brute forced an account via ssh. There are tons of ways to break in
besides social engineering or drive-by infections. To think you are
invulnerable (not saying you do) because of the way linux is built is
just false.

[Sagemta]

In essence don't let strange or untrustworthy people near your PC.
Make sure you have good passwords, in Linux you can use these keys ^*$()# as part of your password.
When the Suseupdater has a security update install it.

[dobby9]

OK updated my system as soon as updates are there
Use a strong password
Never login as root in GUI
Run rkhunter
Run avast4 virus scanner
After a few minutes my screen is lock
What else can I do to make it as secure as possible
dobby9

[ken_yap]

Don't go to dodgy websites. There may be unknown vulnerabilities in proprietary plugins like Flash Player and Acroread. It's too limiting to not use them at all, but at least you can reduce the risk. Have a look at the Flashblock add-on for Firefox which prevents flash panes from autoplaying.

[mooreted]

Yes, if your root password is God, you deserve to get hacked.

But, while it's not impossible to get infected running Linux, the chances are slim. Just use some common sense and don't enter your root password unless you know why your doing it and the risks involved. Don't download software from the Internet, use the repositories. Stay away from bouncing bunnies. You don't need to update your software all the time, but you do need to keep up with security updates.

One of my favorite sites is LinuxSecurity.com.

Here is a great article to start learning basic security:

Linux Security for Beginners - Table of Contents

Work smart and Linux will treat you right.

[dobby9]

The truth is there no system unbreakable
It just how many effort they put in breaking you're system.
There is No such thing as no risk
dobby9