removing a Linux Keylogger

Grant M. grant at neonedge.com
Wed Jul 27 12:06:10 EDT 2005


Kent Borg wrote:
> Use your own computer.  I have a Panasonic "Toughbook" W2.  It is very
> small and light, its power supply is even small and light.  It is easy
> to haul around.  If you can't afford that, buy a largish, used, Linux
> PDA, haul it around, and ssh from it.
On some I Can't. Some are servers that do not allow access in from 
outside (I get xterms or winterms sent to me remotely from these 
machines by the end-user). Technically, these should be safe (to some 
extent), provided that they have always been this way. However, I know 
that some have definitively been hacked and then put behind a firewall, 
and I have doubts if these were ever completely reloaded. All in all, 
there are likely some cases in which I will need to login from a remote 
machine to my machine, so the possibility of connecting to my machine 
from a compromised machine is probably inevitable.

> If you really must use hacked computers to login into your computer,
> then set up one-time-pad passwords.  (I haven't done this but I think
> there is Linux support out there someplace.)  Someone could still
> listen in on what you do, even hijack a session if s/he were clever,
> but it would stop password replay.

Yeah, I was actually thinking I could actually just setup an account 
that has limited access to my machine, and just enable it when needed, 
and then disable it when I am done (probably just change the shell to 
/bin/false). This would accomplish what is required without needing me 
to recreate the environment everytime.
Thanks,
Grant M.



More information about the Discuss mailing list