Results 1 to 10 of 10

Thread: how spyware works

  1. #1
    Junior Member
    Join Date
    Sep 2004
    Posts
    27

    how spyware works

    hi, i've a very basic question....as i understand spywares run in background on computer without user's knowledge, collect info from the computer and send it over the internet! am i correct!? if yes, what type of info do they collect..... where does that info go!? and is there any way to find the destination of that info!?....if there is a way to find the destination, can't we stop the info to reach its destination!!!??? .... pl excuse if my question sounds a bit stupid .....
    keep smilling

  2. #2
    Honestly i couldnt tell you but here are some websites that may be able to help you out.
    http://www.spywareguide.com/
    http://web.interhack.com/publications/spyware_how.php
    Also do a search on google see what that brings up

  3. #3
    Senior Member PacketThirst's Avatar
    Join Date
    Aug 2004
    Posts
    258
    They collect all sort of information about you like your surfing habits,passwords etc. and even about the color of the underwear that your'e wearing !!. The destination is obviously some company.You can stop spyware by using free softwares like Winpatrol etc. Just Google for em'.

  4. #4
    Junior Member
    Join Date
    Sep 2004
    Posts
    27

    thanks for the info

    thanks guys... the info provided by u was helpful in getting started... one thing i'm not able to figure out.... anti spy ware may remove the program however how to find, to which site or destination was the information going to from the spyware!? if we can find that getting rid of such programs may become easy! what do u say!?
    keep smilling

  5. #5
    The way I understand it, most spyware out there is designed to collected web surfing habits, computer application usage, and things like that. Any information on your computer that will help companies to better market people to buy there products, is what their after. All this info is sent to company servers where it's put under statistical analysis to try to determine current trends. Before I get ahead of myself here and start talking about consumer economics I'd better try to answer your other questions (This really does PMO though, it seems the corporate world likes to think of us as statistical numbers!,...Big surprise there...).

    Under most circumstances, it's pretty easy to find out where this information is going on the 'net. Do a search for 'IP headers', 'TCP/IP packets' to learn more about this (You might even find some programs to do this for you, if you search for 'Network Sniffers'.). However the information that you get from this will only give you an IP number that belongs to the computer this information is going to. Trying to associate this address with the actual corporation that's using the information to market people is a little trickier. Most of the major companies out there use contractors or third-party servers for this. So even though you'll know where the information is going, you'll never really know who the 'master mind' behind it is.

    To help fight spyware, use a firewall. Most often people only think in terms of preventing information access to their computers. Stopping data from leaking out onto the web is important also. A good firewall program will give you an option to prevent any applications or services from accessing the network without your consent.

    Hope this helps...
    We are a generation without a middle. We have no great war or depression. Our war is a spiritual one, our depression is our lives. We were all raised to believe that we\'ll all be millionaires and rockstars - But we won\'t.
    And we are slowly learning this fact...And we are VERY pissed off about it!

  6. #6
    To help fight spyware, use a firewall. Most often people only think in terms of preventing information access to their computers. Stopping data from leaking out onto the web is important also. A good firewall program will give you an option to prevent any applications or services from accessing the network without your consent.
    A firewall will only stop malware that is already in place. It is infinitely more important to stay on top of your updates, and be configured to disallow malicious scripts that force installations in email and on the web. Responsible computing will stop any bundled malware from being installed.

  7. #7
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    To help fight spyware, use a firewall. Most often people only think in terms of preventing information access to their computers. Stopping data from leaking out onto the web is important also.
    Uh.. how (i.e., be specific since you are assuming how much the original poster knows or doesn't know)? There would be really one way that this could be done effectively: prevent any connection from your localhost to the spyware's address. Using a sniffer like Ethereal may help you with that. That said, there is a lot of spyware use port 80 to go out or "piggyback" through surfing, which the firewall would allow the user to do. It might be better to use software that is designed to track and detect spyware. In addition, using a browser that doesn't inherently let itself get infected or securing the browser in the first place are better steps are avoiding it. Browsers like Mozilla, Netscape, Firefox, etc are all good ones to use. This tutorial might be a good place to start when it comes to securing IE on the Windows platform (personally, I avoid IE because of too many potential risks).

    A good firewall program will give you an option to prevent any applications or services from accessing the network without your consent.
    This I can agree with for general sense. Sygate is one that I've found to be good at detecting such apps and also showing whats running and connected to the network. Process Explorer would also be worthwhile at detecting "unknown" apps as it tends to show more than want TaskManager does.

    if there is a way to find the destination, can't we stop the info to reach its destination!!!???
    Sure. Edit your hosts file (found in <winnt>/system32/drivers/etc on XP and NT-based systems) so that it points to localhost (see below).


    127.0.0.1 evil.spyware.company.com
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  8. #8
    Junior Member
    Join Date
    Sep 2004
    Posts
    27

    makes sense

    so as i understand, firewall will basically prevent the information from going out of my computer thereby eliminating the very purpose for which the spyware was created ....sounds good.... and second as a precautionary measure against spywares its utmost necessary to install programs those can detect as to whether there is any information
    being sent from the computer.... and if it is just block the way out....

    I've checked out the info provided by MsMittens, will test out those programs.... and yes you were right in your observation that i'm very new to this ....

    thanks guys for the info, enough for getting started will google for more ....
    keep smilling

  9. #9
    what type of info do they collect.....
    They (as allready mentioned) collect info about your webbehaviour at best.
    Some try to collect more info, perhaps even keystrokes.
    what type of info do they collect.
    They try to make a profile of you.
    If you surf for fancy cars or weapons or just pr0n or 'girly stuff' or whatever. They try to creat a profile of you. Which leads to the next question.
    where does that info go!?
    Most these spy and adware companies (like doubleclick) make big bucks by selling your profile to advertising companies.
    These advertising companies then send you _targeted_ SPAM.
    So if you surf alot for cars they will try that.
    These companies make big bucks so someone has to _respond_ to these targeted ads.

    The above information was already mentioned by the previous posters.

    As far as the firewall thing:
    Most spyware 'infects' you tru you browser. Since this is mostly a 'trusted' application the firewall wont stop that (even though Outpost does a good job at stopping ad_shiznit initially).
    Keep this in mind.
    Like Soda said
    A firewall will only stop malware that is already in place.
    Combine these two informations and use a spy/adware checker like adaware or spybot [google] on a regular basis.

    To find out what information gets send you can use the things MsM mentioned (packet sniffer like etherreal tcpdump etc).


    so as i understand, firewall will basically prevent the information from going out of my computer thereby eliminating the very purpose for which the spyware was created
    Not by definition (as mentioned above)
    Be suer to use a spy/adware checker on a regular basis (like you would do with an AV product)

  10. #10
    Junior Member
    Join Date
    Sep 2004
    Posts
    27

    self terminating spywares!?

    all accepted and agreed, one question if the advertisement agencies and the like just want to gather information either using spywares or cookies and not haunt users by making their computers slow, can such self destructable programs (spywares) be made which destroy themselves when they detect that they are not able to send any info to its destination.... (using the tips given by MsMittens to stop info to go out of the computer!!!), or self destructable after some time, just like some cookies are self destructable after a set time....... this will help clearing up the users computer of unwanted programs....any loop holes in this idea!? is it the cost of developing such programs that check the agencies from developing such programs!?
    keep smilling

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •