[Pc_Support] Intruder in my machine --- someplace

Phil Barnett philb at philb.us
Tue Nov 29 22:19:45 EST 2005


On Tuesday 29 November 2005 11:16 am, Homer Whittaker wrote:
> Phil Barnett wrote:
> > Did you ever use that credit card at a restaurant? That's by far the #1
> > place that your credit card number will be lifted.
>
> Of course.  However, the Fraud Department of my Credit Card company
> picked it up and the charges all seem to be from one identifiable use on
> my machine.
>
> Are you saying that it is doubtful that someone is lurking on my
> machine?  If so that surely makes my day :)
> Homer Whittaker

It's pretty unlikely that there is rogue software or sniffer software running 
on Linux. I haven't heard of anything in the wild doing that.

Without computer forensics doing a complete analysis, there is no way to know.

On the other hand, there are dozens of ways that people can trick you into 
becoming an unwitting accomplice.

If the one identifiable use on your machine was a credit card purchase, the 
vector to the bad guys might be at your machine, between you and the 
identifiable use and all the way into their infrastructure. If it's on their 
end, the most likely culprit is a rogue employee doing bad things with their 
data stream.

Another common exploit is for someone to play a man-in-the-middle attack on
you. You may think you are going to a real corporate site but you actually 
have a machine in the middle relaying between you and the real site. They get 
to steal everything that plays through the data stream.

Unfortunately, we don't work/play in a secure environment. Computers and 
networks were really not designed to be trustable first and everything else 
second. In fact, security has been trailing computer technology for as long 
as I can remember.

-- 
"In communism, man exploits man. In capitalism, it's the other way around."


