College PC Security.

[mypojam]

Ok here's the deal. I use a college computer extensively.
This is because i don't have a PC at home and we have broadband in college.
I use it for internet, web based e-mail, forum and website development.

And then it strucked me. What if someone trying to be smart and install a keylogger.
that way, all my passwords are exposed. Keep in mind that the pc i'm using is running M$ Windows 2000 Pro.

My question:
how can i know someone if someone is keylogging me ?
how can i know if the admins is watching me ?

that's all. thanks for reply.
pojam.

[SirDice]

Originally posted here by mypojam
how can i know someone if someone is keylogging me ?

If someone did it properly, you don't. The admins should be able to find it though.

how can i know if the admins is watching me ?

Don't worry, they already do. It's part of their job. This is also the reason why they should be able to tell if someone installed a keylogger.

[slarty]

And then it strucked me. What if someone trying to be smart and install a keylogger.

Hopefully the college sysadmin will keep their systems sufficiently secure to prevent installation of a software keylogger on someone else's account (or at system level). They should of course also keep their system secure to prevent people from obtaining elevated privileges, and be careful about who they give those privileges to.

There is little to prevent hardware keyloggers, but at least they are slightly more expensive. Presumably the rooms are monitored by CCTV (although unless they are watched vigilantly, a determined person covertly installing and later removing a hardware keylogger will go unnoticed)

What kind of adversary are you considering? Maybe it's worthwhile considering the types of adversary who could easily install a keylogger, and avoid any activities which might provide them with what they want (for instance, don't buy stuff from web sites if you're worried about your CC number being stolen by someone for monetary gain).

It seems highly unlikely that someone would go to the trouble of gaining physical access and covertly installing an expensive hardware keylogger (which they could lose) to swipe a few CC numbers (they could get a job as a waiter instead)

As far as the college admin and government/state adversaries are concerned, you should just assume that they can access everything and behave accordingly.

Slarty

[Machiavelli_F]

I think that perhaps you should be more concerned about someone using your system for their own nefarious purposes, rather than worrying about a keylogger. In general, noone really cares about the data stored on your personal computer, and installing a software keylogger takes a bit of work and requires an aggressor to come back to your system at a later date to review what it caught, Then sort through a ton of garbage keystrokes that were you playing DOOM or writing a paper.

The main interest most aggressors are going to have in your system is using it as a relay to attack other systems, or as a zombie in a DDOS. In this case, the person isn't so much interested in what is on your computer as he/she is in the hardware itself. It may sound like no big deal, since you likely won't lose data, but imagine the college dean calling you into his office because your system was used to hack the FBI... Or, as a worst case scenario, used in the distrubition of kiddie-porn. Not a pretty picture.

If you are really afraid of someone attacking you, use some sort of firewall. If placing a second system between you and the network isn't an option, at a bare minimum you can use some sort of personal firewall (There are many of them, just do a search on "personal firewall"), and make sure you keep your system up-to-date on patches.

As to the school admins obtaining your credit card number from your data... Again, as a general rule, they don't really have the time to sort through a ton of data looking for credit card numbers - there are easier ways to get them. Unless you have made a personal enemy of one of them, I wouldn't worry about it, but if you are, make sure you only enter your credit card number on pages that are secure (You'll see a little lock in the status bar at the bottom of your browser.)

m.

[vercetti]

First of all, a good sysadmin should be watching everything happening on his network and that includes your activities. Second, If I were you I shouldn't be worried about keyloggers. It's the sysadmin's job to prevent such programs to stay on his computers and I guess he has means to do so, And any serious Attacker wouldn't use one, mainly for the lack of USEFUL info they provide. They would probably be the work of a script-kiddie and I don't think you should be scared of those.
One last advice is to check the Start Menu everytime you use the computers, because sometime you can find them there ( I did! ).
Hope this helps!

[HTRegz]

If you are concerned. The odds are that it will be a software keylogger. As previously mentioned hardware are more costly, and sometimes harder to install. Take a few minutes when you first get on the computer and download and run SpyBot S&D. While I've never had a keylogger on my system and cannot test it's claims, it does claim to remove keyloggers.

I don't know how your lab is set-up. I have access to 4 labs, 3 of them until 10 and the last is 24 hours.. two of the labs open until 10 are ghost labs. I can go in and ghost them with whichever OS I want and use a fresh install..... Maybe yer school has something like that. it'd be worth looking into.

[vercetti]

HTregz, Spybot S&D only detects existing spying and advertisements robots (taken from their help page). I think the CLEANER detects keyloggers. Not sure though.

[HTRegz]

Originally posted here by vercetti
HTregz, Spybot S&D only detects existing spying and advertisements robots (taken from their help page). I think the CLEANER detects keyloggers. Not sure though.

Taken from the SpyBotSD - Press Coverage page
If you're tired of hearing me recommend this free file, too bad.
It works. Spybot -- Search & Destroy effectively detects spyware, adware, key loggers, Internet dialers, browser hijackers, and even some trojans. Are you getting charged $200 a month for phone calls to the Cayman Islands? Get this free file. Do you have to reset your homepage every time you open Internet Explorer. Download this free file. Do you.... You get the picture..

[hjack]

Seems like everybody here is putting a lot of faith into these system admins. I just got one question. Why? Apparently there are a lot of system admins that know nothing about security. If anyone disagrees with me, just look to see how many script kiddies there are out there. Also anyone nmap'ed there local college yet? I have yet to find a computer at ufl.edu that doesn't have sub7. And yes there are ways to tell if its the fake servers and while some are, most aren't. A little less faith and a little more caution is what we should be emphasing.


hjackl

[vercetti]

HTregz, My bad then.