On Wed, 2005-02-02 at 12:21, Tim Alberts wrote:
Is Linux vulnerable to SpyWare and if so, what are some tools to deal with it? Any specific SpyWare tools, I don't mean hacking into iptables manually.
So far spyware for linux systems has not been as much of a problem as it is for windows. You may still want to flush the cookies you collect (or disable them entirely, your choice), that seems to be one type of spyware that allows them to track you.
There are a couple of programs you may want to install.
chkrootkit is a good one as well as rkhunter. These look for indications that your system has been hacked and one of the many different root kits have been installed on your system. Good to run periodically or if you suspect a problem.
Another good one is tripwire. Tripwire generates a database that is
used to look for changes on the system. Once you have it setup
completely it will run a report nightly looking for changes to critical
files both binaries and configuration files. If any changes are
detected it will report them to you and you can investigate further. Takes some effort to setup correctly. I have setup a filter that marks
the reports as read or not read depending on if they are clean or not. That way each morning I know immediately if something has changed on my
system without having to even open up the report.
Besides that use good passwords, don't login as root (use su - only when needed), use iptables, put a NAT/firewall between your LAN and the cable modem, and don't trust anyone.
Remember: Paranoia is not just a state of mind, it is a life style. :)
It is impossible to totally eliminate cookies but I use session cookies and this helps to keep the count down. I do have my Mozilla setup to allow me to accept or refuse cookies as I prefer. This limits some of the tracking. Of course on some sites this is not allowed so I just go someplace else.
-- Robin Laing
