Solved

Trojans, Keyloggers Problem..

Posted on 2004-05-03
Last Modified: 2013-12-04
Hello. If a user has managed to sneak away my password using a keylogger, how am I still able to protect my email?

All the user has to do is log in to my POP3 email server and bingo, since he has the username and password all he has to do is download.

There must be a way to install a personal certificate on my local PC which allows only my PC to download the email from my POP3 server: the server will check which computer is requesting mail from the POP3 server, check the certificate to see if it matches the credentials on the server, authorize the username and password, and then allow me to download the email... This will allow me to download the email only from the computer on which I install the certificate and no other computer; even if they have my username and password they cannot log in to my POP3.

They can of course telnet, but my ISP has disabled the telnet port already.

Basically I am looking for just a more secure way of receiving email, for fear that somebody else is using a program like eblaster or something to get my emails. I have the latest version of Norton and also have a hardware firewall, but that is still not good enough.

I also want to find out if there is a way to use a screen name like AOL has, i.e. my email address is xxx1@servername.com but my login to my POP3 is xxx987 or something different from my email address, so this way it is more difficult for a hacker to attempt to guess my password, since the username is completely different. My ISP says they don't know about this, but I am sure one of the above options must be available.

Thanks.
Question by:Ricky11
6 Comments
 

Author Comment

by:Ricky11
ID: 10975473
And of course I do change my password often, but that still does not solve my problem.
 
LVL 7

Accepted Solution

by:
IceRaven earned 500 total points
ID: 10975808
Hi Ricky11,

The POP3 protocol uses password authentication (plaintext). So if you want to use POP3 then you have to use a password, and your email username and password are going to travel unencrypted over the internet. There are other ways to get email, which encrypt the password and use a web-based interface, e.g. www.hushmail.com. However, the only way that you are going to get the type of security you are asking for is by running your own mail server, in my opinion. You could set the server so you were the only one able to check email, either by PKI (certificates) or by assigning your computer an IP address that is the only IP address that can access port 110.

As for using a "screen name", just use a password impossible to guess or brute force.

e.g.  IWishIhadLotsandLostsof$IreallyReallydo!

or something like that. You can't brute force it, can't guess it.. you would need to know it, so as long as you typed it in on a computer that was clean from keyloggers / in a room that didn't have a camera focused on your keyboard, some type of hardware interceptor on your keyboard... I could go on and on and on.... I realise I could probably write an essay on this subject, but here is a short answer for the long ramble I have just given.

Option 1. Run your own mail Server
Option 2. Clean your computer of key loggers and use hushmail.

Cheers,
IceRaven
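
The "run your own mail server" option with PKI, sketched as a server configuration. This is an added example, not part of the original answer; it assumes a self-hosted Dovecot 2.3 server (the thread names no server software), and every file path is a placeholder.

```conf
# Added example. Assumption: self-run Dovecot 2.3; all paths are placeholders.

## Before: the password is the only factor and crosses the network in
## cleartext on port 110, so a captured password is enough to download mail.
# protocols = pop3
# ssl = no
# disable_plaintext_auth = no

## After: POP3 is offered only over TLS, and the client must present a
## certificate issued by your own CA before its login is accepted.
protocols = pop3
ssl = required
disable_plaintext_auth = yes

# The server's own certificate and key.
ssl_cert = </etc/dovecot/tls/server.pem
ssl_key = </etc/dovecot/tls/server.key

# CA that signed the certificate installed on the one permitted PC.
ssl_ca = </etc/dovecot/tls/client-ca.pem
ssl_verify_client_cert = yes

# Fail authentication when no valid client certificate was presented,
# even if the username and password are correct.
auth_ssl_require_client_cert = yes

# Take the login name from the certificate's CN instead of trusting
# whatever username the client sends.
auth_ssl_username_from_cert = yes
ssl_cert_username_field = commonName

service pop3-login {
  inet_listener pop3 {
    port = 0        # disable the cleartext listener on port 110
  }
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
}
```

With this in place a password used from another machine fails at authentication because that machine has no certificate from the CA. The certificate's private key still lives on the permitted PC, so keep it in a smart card or a non-exportable key store where malware on that PC cannot simply copy the file.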
 
LVL 12

Expert Comment

by:trywaredk
ID: 10976265
Not answering your question, but to secure you in the future....

Cleaning your computer  - and protecting it in the future -  can't be answered with one issue.

As you can see in my URL below there are at least 7 different issues, where you should decide on 1 of each, or else you don't protect your computer at all.

The reason is that the many different programs do not always protect against each other, and each of them doesn't protect equally.

It's very important, that you study all of these issues in my knowledgebase (some of them are freeware):
http://www.tryware.dk/English/Knowledgebase/HowToProtectYourComputer.html

BTW: I'm using the Trend Micro virus-suite, and SoftScan , and haven't got any of my servers or computers infected since 1999.

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open

 
LVL 38

Expert Comment

by:Rich Rumble
ID: 10983134
Webmail is a very secure way to connect to your ISP's email; it uses HTTPS, and there is no plain-text over the HTTPS connection if your ISP has it configured. If they only offer POP3 .... there will be plain-text all over the place. Be sure your computer doesn't have a key-logger or a "Fake GINA"; McAfee is able to detect the most popular k-loggers and an altered GINA. Naturally better usernames and passwords are a must, but if you have a keylogger, you could have the world's best pass and username and still get your email stolen. TDS3 is also a superb program at detecting malware. If you have a cable modem or DSL connection, the only way your info can be sniffed is if they are your neighbor (actually that may or may not be true for DSL.. not sure) or in your neighborhood pretty much. If you run wireless at your home, you're broadcasting your traffic anyway, and anyone can sniff that if they are within a certain distance. Your ISP or POP3 provider would need to provide a secure means for DL'ing your email; there is nothing you can do on your own to MAKE your mail provider send encrypted email to you, and vice versa. Again it would need to start with them (the ISP).

If you are running your own... then depending on what program you run for mail, then yes, you can use a cert or PGP key for mail.
http://www.pgp.com/
-rich
 

Author Comment

by:Ricky11
ID: 10984147
Thanks Guys.. Although I am still not satisfied..

I know emails are like postcards, but there has to be a better solution for an average user to check email securely.

No matter if you are using hushmail or sending data through HTTPS, a trojan will still pick up the keystrokes and send them off. I have tested McAfee, Norton and various others; not all of them detect variants of Eblaster and some of the others out there. But that is not the problem: I am not concerned about protecting my computer/server before I get infected. I want to know that even *if* I am infected and *if* the hacker has managed to steal my username and password, they should not be able to check my mail. I am interested in PKI and am going to check it out to see if my ISP could do something with that. IceRaven, thanks for that.

I will be back.

Thanks.
 
LVL 12

Expert Comment

by:trywaredk
ID: 10987596
>" I am interested in PKI and am going to check it out to see if my isp could do something with that."


An Introduction to the Windows 2000 Public-Key Infrastructure - Official white paper from Microsoft that introduces PKI on Windows 2000. Focus is on the design of PKI and the differences between Enterprise Certificate Authorities and stand-alone Certificate Authorities. 20 pages.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windows2000serv/evaluate/featfunc/pkiintro.asp
 
Certificate Autoenrollment in Windows XP - With Windows XP it is now possible to autoenroll certificates to users. This reduces the normally high costs of building and maintaining a PKI infrastructure. The entire life cycle of the certificates can be managed including enrollment, renewal and deletion of expired and revoked certificates. To gain this new feature you need a .Net Schema, updates to your Group Policies and a Windows .Net Server 2003 Enterprise Edition as an Enterprise Certificate Authority. 46 pages.
http://www.microsoft.com/windowsxp/pro/techinfo/administration/autoenroll/default.asp
 
Microsoft Windows 2000 Public Key Infrastructure - White paper from Microsoft concerning the basic functionality in PKI, and what technologies in Windows 2000 that are able to use PKI. 27 pages.
http://www.microsoft.com/windows2000/techinfo/planning/security/pki.asp
 
Step-by-Step Guide to Administering Certificate Services - Nice introduction from Microsoft on Certificate Authorities. In this document you find simple practises where you install a stand-alone CA, do a backup and restore of it, issue certificates, revoke certificates and publish CRLs (Certificate Revocation Lists). 10 pages.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windows2000serv/howto/pubkeyox.asp
 
Step-by-Step Guide to Public Key Features in Outlook Express 5.0 and Above - Short white paper from Microsoft on configuration of Outlook Express 5.0 with regards to the use of certificates and encryption/signing of mails. 2 pages.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windows2000serv/howto/pubkeyox.asp
 
Step-by-Step Guide to Public Key Features of Outlook 2000 - If you want to send encrypted/signed mail with Outlook 2000 here's an explanation of the client side setup. 3 pages.
http://www.microsoft.com/windows2000/techinfo/planning/security/pubkeyol2000.asp
 
How to Digitally Sign and Encrypt Messages in Outlook Express
http://support.microsoft.com/default.aspx?scid=kb;en-us;168726

Step-by-Step Guide to Public Key-Based Client Authentication in Internet Explorer - Nice little overview from Microsoft going through the configuration of IE when you want certificate based authentication using TLS/SSL. Only the client side is described here. 2 pages.
http://www.microsoft.com/windows2000/techinfo/planning/security/pubkeyie.asp
 
Windows 2000 Server and Key Management Server Interoperability - White paper from Microsoft on the integration of PKI and Exchange 5.5 / Exchange 2000. Thorough description of using the Key Management component on exchange to enable encryption and signing of emails. 40 pages.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/exchange/exchange2000/maintain/optimize/win2kms.asp
 
Windows XP Wireless Deployment Technology and Component Overview - This official Microsoft paper addresses Wireless technologies. It sums up the processes of connecting, authenticating and encrypting, and goes into different technologies such as RADIUS/IAS, EAP and certificates. 41 pages.
http://www.microsoft.com/windowsxp/pro/techinfo/administration/networking/default.asp