parental control package

Antivirus, forensics, intrusion detection, cryptography, etc.
Message
Author
merlin026
Posts: 26
Joined: Sat 31 Dec 2005, 10:52

parental control package

#1 Post by merlin026 »

Could someone help us with creating a pet for lkl keylogger software (or any other keylogging software that would work under puppy 4.1
Or explain how to make it work, for we don't seem to get it working.
Kind regards,
Merlin026
Last edited by merlin026 on Tue 23 Dec 2008, 23:30, edited 1 time in total.

User avatar
trapster
Posts: 2117
Joined: Mon 28 Nov 2005, 23:14
Location: Maine, USA
Contact:

#2 Post by trapster »

I tried this last night and could get it to log a few keystrokes. It then went into a seg. fault and quit.
trapster
Maine, USA

Asus eeepc 1005HA PU1X-BK
Frugal install: Slacko
Currently using full install: DebianDog

brad_chuck
Posts: 286
Joined: Tue 16 Aug 2005, 03:47
Location: Appalachian Mountains

#3 Post by brad_chuck »

Worked for me. No problems.

Code: Select all

./configure
make
make install
lkl -l -k keymaps/en_km -o keydata.txt
I am not going to post a dot pet for a key logger on this forum.

Don't think anyone else should ether.

User avatar
ttuuxxx
Posts: 11171
Joined: Sat 05 May 2007, 10:00
Location: Ontario Canada,Sydney Australia
Contact:

#4 Post by ttuuxxx »

well brad maybe you also shouldn't of displayed the configure code also, what a terrible idea of packaging a keylogger, especially with all the derivatives being produced, Something like that could bring everything to a end. This whole thread should be deleted.
ttuuxxx
http://audio.online-convert.com/ <-- excellent site
http://samples.mplayerhq.hu/A-codecs/ <-- Codec Test Files
http://html5games.com/ <-- excellent HTML5 games :)

User avatar
Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#5 Post by Flash »

If this thread is deleted then only a few people will be aware that there is a keylogger which can easily be installed in Puppy. Instead of deleting the thread, maybe we should try to find a way to tell if a keylogger is installed in your Puppy?

User avatar
ttuuxxx
Posts: 11171
Joined: Sat 05 May 2007, 10:00
Location: Ontario Canada,Sydney Australia
Contact:

#6 Post by ttuuxxx »

Flash wrote:If this thread is deleted then only a few people will be aware that there is a keylogger which can easily be installed in Puppy. Instead of deleting the thread, maybe we should try to find a way to tell if a keylogger is installed in your Puppy?
Well that could take sometime and then this could be spread, Why not delete the thread and figure it out in the background? Some keyloggers will report to a email address in the background and the current user will have no idea that his bank details/passwords have now be shipped to someone who he doesn't know, Keyloggers are the worst kind of spyware, every key stroke is recorded and sent over the net, This thread needs to be delete. Its a very large security hole that needs to be closed.
ttuuxxx
http://audio.online-convert.com/ <-- excellent site
http://samples.mplayerhq.hu/A-codecs/ <-- Codec Test Files
http://html5games.com/ <-- excellent HTML5 games :)

merlin026
Posts: 26
Joined: Sat 31 Dec 2005, 10:52

keylogger or any other parental control tool for Puppy

#7 Post by merlin026 »

What we are looking for is some kind of parental control tool similar to the ones that you can find on a windoz machine - a keylogger seemed to us the only alternative to work with Puppy.
Thanks for any suggestions.

User avatar
hillside
Posts: 633
Joined: Sun 02 Sep 2007, 18:59
Location: Minnesota, USA. The frozen north.

#8 Post by hillside »

I'm not sure that this thread would provide any essential knowledge to
an actual bad guy. People who would use this kind of program for
nefarious purposes already either have this kind of knowledge or can
easily obtain it.

It may be worth leaving this thread in place just to show that no
operating system can be made absolutely fail safe and that people
always need to be vigilant.

It also wouldn't hurt to discuss the parental control aspect of the
issue. I can see this as a feature that many people might want to
make use of.

User avatar
Aitch
Posts: 6518
Joined: Wed 04 Apr 2007, 15:57
Location: Chatham, Kent, UK

#9 Post by Aitch »

http://dansguardian.org/?page=download

keylogger - yuk

I too favour deleting that part of the thread

Aitch :)

brad_chuck
Posts: 286
Joined: Tue 16 Aug 2005, 03:47
Location: Appalachian Mountains

#10 Post by brad_chuck »

augh.. all I showed was the standard config code and the example command line from the help file.

these things exist..

I vote for deletion just so we don't give anyone any ideas.

User avatar
ttuuxxx
Posts: 11171
Joined: Sat 05 May 2007, 10:00
Location: Ontario Canada,Sydney Australia
Contact:

#11 Post by ttuuxxx »

merlin026

If you want it compiled or some other sort parental control tool, pm me and I'll work on it, But first edit your first post and change lkl keylogger pet title to "delete post" and delete all the info you placed on here. I would rather just help you as in one person then let these ideas run to others who might use them to destroy peoples lives.
ttuuxxx
http://audio.online-convert.com/ <-- excellent site
http://samples.mplayerhq.hu/A-codecs/ <-- Codec Test Files
http://html5games.com/ <-- excellent HTML5 games :)

User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

#12 Post by Pizzasgood »

When you decide to use some random Puppy derivative created by some dude you've never met, how do you know he doesn't have anything nasty hidden inside? You don't.

If you trust Barry, you can be reasonably sure there isn't anything nasty in the official releases, unless it managed to sneak past him. But for derivatives, you have to also trust the creator of that derivative. And for derivatives of derivatives you need to trust Barry and both people involved in the remaster.

This applies to all distros and operating systems. If you don't trust the people at Red Hat, you can't trust Red Hat Linux.

I don't trust the people at MS, so I don't trust any MS product.




As for deleting this, I don't really see much point. This particular software comes up at the top of a google search for "linux keylogger" and the compile instructions are as basic as it gets, so it's not like we'd be hiding any info. If merlin026 wants it deleted I'll do it, but not otherwise.
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

User avatar
ttuuxxx
Posts: 11171
Joined: Sat 05 May 2007, 10:00
Location: Ontario Canada,Sydney Australia
Contact:

#13 Post by ttuuxxx »

I DO NOT see the need to advertise ideas for people to read and get the wheels spinning, It places ideas in peoples heads, Thats where it starts, then someone might debate on it, and finally give in. Sure it might be easy to find or compile, but why advertise it.
Its like Racist comments, Can we make a thread and start some crap like that? Or is it better not spread such bad ideas around?
If it isn't generally productive for puppy it should be deleted. This thread is 100% counter productive and could lead to crippling a lot of fun that users partake in.
Pizzagood and Flash, both of you can sit on your hands and play stupid all you want, But if issues arise from this, I hope you devote 100% of your spare time trying to fix this mess that the both of you let happen.
I've tried to do the right noble thing here. I'll sleep fine, Probably won't download anymore Variants. And just stick to the main stream now. Whats the sense of having admins to protect the general public if they pro-Spyware.
ttuuxxx
http://audio.online-convert.com/ <-- excellent site
http://samples.mplayerhq.hu/A-codecs/ <-- Codec Test Files
http://html5games.com/ <-- excellent HTML5 games :)

Caneri
Posts: 1513
Joined: Tue 04 Sep 2007, 13:23
Location: Canada

#14 Post by Caneri »

@Flash..agreed there should be a method of detection for such a simple and malicious thing. MS virus scanners don't work well with a Linux structure.

@ttuuxxx....this has been attempted before in Puppy and it will continue to happen....alerts should be raised. Users need to know the software they download is clean...a tall task for any distro.

@PG...this is a tough one...it's all in the open so deletion will not make any difference...but there needs to be a way to help noobs to be safe.

Eric
[color=darkred][i]Be not afraid to grow slowly, only be afraid of standing still.[/i]
Chinese Proverb[/color]

User avatar
DesertPuppy
Posts: 34
Joined: Tue 08 Aug 2006, 20:58
Location: Mississippi

#15 Post by DesertPuppy »

just a quick observation:
I know everyone is worried about keyloggers root kits, virus and the sort taking your personal info and sending it somewhere for evil purposes but how would the program send an email with the log of the keystrokes if puppy doesn't have a sendmail service or server running ? I don't even think there is one in the default dist. So I was wondering what is so bad about this ? I could see where someone would want a log for when others are using there computer. I might be wrong but I looked through the source code and couldn't find anything that would let it send an email out through Puppy. I'm no expert in programming and don't want to get anyone worked up but one of the benefits of puppy is that we don't have most of the normal services running like other distro.

User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

#16 Post by Pizzasgood »

Well, anybody wanting to add a keylogger into a package could just throw in some mail utilities while they're at it...

(OMG! Another bright idea no other person could ever come up with on his own! I've just inspired the ID theft of two and forty score people!)

That leads to one way you could possibly identify a suspicious package: make sure it isn't abnormally large. Also, you can extract (without installing) a package like this:
pet2tgz somepackage.pet
tar -xf somepackage.tar.gz

Then the package's contents will be inside the somepackage/ directory, so you can look around and make sure there aren't any suspicious files. In particular, look for things in auto-run directories like etc/init.d, etc/profile.d, and root/Startup. Also beware of replaced system files like /root/.xinitrc, /etc/profile, and stuff in /etc/rc.d/. And if there's a pinstall.sh script, read it to be sure there's nothing nefarious in that.

That doesn't help if the malware is compiled into the programs or libraries though.

(Oh snap, another inspiration!)

I'd better not mention the madness that could happen if the package also replaced things like ps, kill or even the kernel so that all this malware they're installing wouldn't turn up in the process list, nor be killable...


There is a reason that people recommend keeping a list of md5sums for all system files so you can tell when they change (assuming nobody modifies the list - store a hard copy outside the system so that that isn't a possibility unless you're dealing with people who have physical access to your stuff)

I would do that myself, if I didn't change things around so often that it would be more hassle than it's worth.


EDIT: With non-Full Puppy installs, you can look in /initrd/pup_rw/ to get an idea of what files have changed or been added from the default installation. That doesn't take into account anything added through a .sfs file, nor anything added by modifying the pup_xxx.sfs file (not normally possible - it's a readonly filesystem due to being compressed, but it could still be replaced, and I think you can append to it.)

(Whoops, out slips another one...)


I say, best to know how they can hit you, then figure out how to block it, rather than suppress the knowledge in the hopes that the crooks won't figure it out on their own. And yeah, I'm against gun bans, and my neck is a little red in the summer. And there ain't nuthin wrong with a pick-em-up truck, 'cept they tend to burn more gas than a small car or motorcycle.
[/rant]
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

brad_chuck
Posts: 286
Joined: Tue 16 Aug 2005, 03:47
Location: Appalachian Mountains

#17 Post by brad_chuck »

woof woof...

well said pizza.

User avatar
Aitch
Posts: 6518
Joined: Wed 04 Apr 2007, 15:57
Location: Chatham, Kent, UK

#18 Post by Aitch »

Pizza does it again.....

However, before everyione goes off topic, merlin026 revealed the real reason [?] for suggesting a keylogger was for 'parental control'

I posted a link to dansguardian, which performs that function without a keylogger in sight, & since other parents may be wanting 'parental control' also, I suggest those who want to get paranoia/911 blues start a new thread, and any other ideas for 'parental control' be continued here.....


just a bit of focus, eh, guys & gals?

Perhaps an edited change of thread name, merlin026?

Aitch :)

Edit: Thanks

User avatar
richard.a
Posts: 513
Joined: Tue 15 Aug 2006, 08:00
Location: Adelaide, South Australia

#19 Post by richard.a »

Now we are back on topic, there is a cumbersome but fully workable way to prevent actual access to known urls.

The key there - nothing to do with keyloggers lol - is the word "known".

You put a list of KNOWN addresses into your hosts file.

That's located at /etc/hosts

I discussed this with another fellow, I think on another forum.

You can read about my ideas which I've since realised are able to be modified a bit, but it is a project I called "gotcha" - why becomes obvious as you read the page at http://micro-hard.homelinux.net/gotcha/index.htm

This concept would do the trick, but as I said, you would need to know the bad addresses in advance, and add them as new ones came to light. The file ends up being quite huge.

Explore the directory where that page is located. It's index.htm rather than index.html so you can look inside. Check out the philosophy

Richard
[i]Have you noticed editing is always needed for the inevitable typos that weren't there when you hit the "post" button?[/i]

[img]http://micro-hard.dreamhosters.com/416434.png[/img]

User avatar
ttuuxxx
Posts: 11171
Joined: Sat 05 May 2007, 10:00
Location: Ontario Canada,Sydney Australia
Contact:

#20 Post by ttuuxxx »

or just add an internet filter is probably the easiest way :)
http://procon.mozdev.org/
ttuuxxx
also use what schools use for filtering
http://www.opendns.com/
http://audio.online-convert.com/ <-- excellent site
http://samples.mplayerhq.hu/A-codecs/ <-- Codec Test Files
http://html5games.com/ <-- excellent HTML5 games :)

Post Reply