IMHO the problem with software based logging is that virus scanners could be updated and you could have one seriously ticked off user on your hands. If you can find one that is not currently scanned for, and the particular user is not liable to turn it back on, you should disable definition updates while the logger is running. Or... if possible, and the particular user is not liable to be poking around the back of the machine or 'rearranging the furniture', then a hardware logger is the way to go. http://www.codexdatasystems.com/keykatch.html ..Conor > ----- Original Message ----- > From: "Booke, Raymond" <Raymond.Bookeat_private> > To: <forensicsat_private> > Sent: Tuesday, June 26, 2001 4:48 PM > Subject: keyboard logging questions > > > > Hello All, > > > > I am looking for information on keyboard loggers. I would like to use > such > > a tool for evidence gathering, but the tools I have seen don't meet the > > specs that would be required. The tool would have to be: > > > > Completely hidden, > > Remotely installable > > Not going to trigger virus scanner > > > > It appears that these requirements are a bit hard to come by. Does anyone > > currently use a keyboard logger for this purpose? If so, how have you > > fared? Is it capable of doing what I need? > > > > Raymond Booke MCSE, CCNA, NET+, A+ > > Global Data Security Group > > Perimeter Security Analyst > > raymond.bookeat_private > > 480-643-6960 > > > > > > > > ----------------------------------------------------------------- > > > > This list is provided by the SecurityFocus ARIS analyzer service. > > For more information on this free incident handling, management > > and tracking system please see: > > > > http://aris.securityfocus.com > > > > > > > ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Jun 28 2001 - 16:01:54 PDT