Problem:  Reading email, browsing, and other regular use of a browser could possibly infect one with something as insidious as LivePerson cookies.

For anyone who hasn't worked for a remote hoster, LivePerson cookies are installed either as a legitimate process, allowing remote desktop keylogging and access; or as a virus trojan.  Watching a TCPDUMP one will see cookies kicking off and reporting various things back home.

The HOME is always in the cookie, but might be misleading.  Check out your LivePerson cookies to see where your keylogger or tracking cookie originated.

Some people report RDP and mouse type controlling behavior when these cookies until the cookies are removed (simple in Firefox, just delete the cookie file.

Solution: Create an exclusion List.
In newer versions of Mozilla(/Firefox), cookperm.txt is deprecated in favor of hostperm.1 (http://bugzilla.mozilla.org/show_bug.cgi?id=219752).

http://bugzilla.mozilla.org/show_bug.cgi?id=219752#c4
This patch creates a new file, named "hostperm.1". The format is:
host \t cookie \t 1 \t www.mozilla.org
so:
host    image   2       ads2.clearchannel.com
host image 2 jinisearch.co.uk
host image 2 oas.villagevoice.com
host image 2 aaddzz.com
... and so on

cookperm.txt is probably the same way, but hostperm.1 is very sensitive to the delimiter (single tab only) and is stored in the same place as cookperm.txt (http://kb.mozillazine.org/index.phtml?title=Profile_Folder).
The list of ad servers is now available in the new hostperm.1 format

If you would like to build a LivePerson cookie for tracking, check this out:



--
www.obnosis.com (503)754-4452
"Contradictions do not exist." A. Rand