[Fed-Talk] Paranoid or what
[Fed-Talk] Paranoid or what
- Subject: [Fed-Talk] Paranoid or what
- From: Michael Pike <email@hidden>
- Date: Wed, 18 Jan 2006 16:22:54 -0700
Ok... this whole screen not locking after 10.4.4 and nobody else
having the problem really concerns me.
I did a (at the shell) process monitor (ps aux), and didn't notice
anything weird other than:
/usr/sbin/ocspd
There is no manual entry for it, and when run directly it just says
"Abort Trap".... after a reboot, my machine now locks properly upon
screen saver abort.
I'm not in a high security agency, but it strikes me as very peculiar
that my computer sat all night on a screen saver and when I came in
in the morning didn't require a password, even though I rebooted
after the 10.4.4 update.
I use Filevault as well for file protection, but I am worried that
perhaps a key logger or something may have been installed.
To my knowledge, to install an application they would still need my
admin password, but they could install a binary application at the
shell level and effectively install a key logger or some other type
of malware without an admin password considering they potentially had
access to my account and shell.
Does anyone know what this OCSPD application does? We had some linux
machines at one time that got the "froggy" bug (showed up as frgy in
process monitor) that would capture passwords and email them out.
Would it be overkill to rebuild my machine from scratch, or is there
an easy way to determine if something has been placed on here to
capture keystrokes, keychains, etc.
Singing - "I always feel that.... somebody's watching meeeeeeeeee",
Mike
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden