Problem: Reading email, browsing, and other regular use of a browser could
possibly infect one with something as insidious as LivePerson cookies.
For anyone who hasn't worked for a remote hoster, LivePerson cookies are
installed either as a legitimate process, allowing remote desktop keylogging
and access; or as a virus trojan. Watching a TCPDUMP one will see cookies
kicking off and reporting various things back home.
The HOME is always in the cookie, but might be misleading. Check out your
LivePerson cookies to see where your keylogger or tracking cookie
originated.
Some people report RDP and mouse type controlling behavior when these
cookies until the cookies are removed (simple in Firefox, just delete the
cookie file.
Solution: Create an exclusion List.
In newer versions of Mozilla
(/Firefox),
cookperm.txt is deprecated in favor of hostperm.1 (
http://bugzilla.mozilla.org/show_bug.cgi?id=219752).
http://bugzilla.mozilla.org/show_bug.cgi?id=219752#c4
This patch creates a new file, named "hostperm.1". The format is:
host \t cookie \t 1 \t www.mozilla.org
so:
host image 2 ads2.clearchannel.com
host image 2 jinisearch.co.uk
host image 2 oas.villagevoice.com
host image 2 aaddzz.com
... and so on
cookperm.txt is probably the same way, but hostperm.1 is very sensitive to
the delimiter (single tab only) and is stored in the same place as
cookperm.txt (http://kb.mozillazine.org/index.phtml?title=Profile_Folder).
The list of ad servers is now available in the new hostperm.1
format
If you would like to build a LivePerson cookie for tracking, check this out:
--
www.obnosis.com (503)754-4452
"Contradictions do not exist." A. Rand