always a newbie
by jebni on June 23, 2006
I always thought of myself as a canny user, if not actually a “power user”. I’ve set up my PowerBook to always ask for a password once someone opens it. I’ve got a personal firewall set up in stealth mode, and my own home WiFi network has a NAT firewall. I have a utility called “Little Snitch” that informs me about every little piece of network access that any application attempts.
A few weeks ago, somebody changed my computer’s administrator password, and I had to reboot from a system DVD to regain access to my own computer. Today, somebody changed the password to my Gmail account. Luckily, I still happened to be logged in on another computer, and was able to regain access. As a traveller, I’ve been using a lot of WiFi in public, but given that neither password was ever sent in cleartext over the net, how is this possible? Is one of my apparently friendly applications actually a keylogging trojan horse?
4 comments
Ouch.
It’s probably worth opening up Console.app and having a sniff around system.log for any signs of attempted external connections to your ip address.
Also, look at Steve Gibson’s security site: http://www.grc.com/default.htm — particuarly “Shields Up!” which is a browser-based analyser of holes in your system security.
Finally, the Mac forum on arstechnica.com is a good place to seek wisdom. I’ve never heard of a functional keylogger on the mac, so this is a bit of a shock.
by Nick Caldwell on 24 June 2006 at 2:30 pm. #
Thanks Nick, I’ll have a look.
by jebni on 28 June 2006 at 4:41 pm. #
Ben, did you find out what the problem was?
by hon on 7 July 2006 at 10:53 pm. #
Nope. By the time I got round to checking the logs, they’d been rotated into hell. :(
by jebni on 15 July 2006 at 10:57 am. #