Re: keyboard logging questions

From: Darren Welch (WELCHDat_private)
Date: Thu Jun 28 2001 - 01:52:55 PDT

Next message: Collins, Steve: "RE: keyboard logging questions"

Previous message: svetlikat_private: "Re: Where are greater risks?"
Maybe in reply to: Booke, Raymond: "keyboard logging questions"
Next in thread: Collins, Steve: "RE: keyboard logging questions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Winguardian, http://www.webroot.com/ is supposed to be coming out with a forensic version of their logger. It captures keystrokes, internet access addresses as well as times and takes screenshots as often as you would like. The nicest feature I have used is it also emails you all of the logs so you do not have to keep returning to the users pc. One comment though. If you utilize the screenshot feature, it begins to kill the users disk space and could be a give away. For that reason, I usually stay away from screen shots. The program itself hides in the system folder, does not show up as a running program autoloads at startup, requires a keystoke combination and password to access the program, but mind you, it will show up on a keylogger sniffer. I dont know of any that won't though. I am not sure when the forensic version will be out and if it will defeat the sniffer. Hope this helps.

Darren Welch

>>> "Booke, Raymond" <Raymond.Bookeat_private> 06/26 7:48 PM >>>
Hello All,

I am looking for information on keyboard loggers. I would like to use such
a tool for evidence gathering, but the tools I have seen don't meet the
specs that would be required. The tool would have to be:

Completely hidden,
Remotely installable
Not going to trigger virus scanner

It appears that these requirements are a bit hard to come by. Does anyone
currently use a keyboard logger for this purpose? If so, how have you
fared? Is it capable of doing what I need?

Raymond Booke MCSE, CCNA, NET+, A+
Global Data Security Group
Perimeter Security Analyst
raymond.bookeat_private
480-643-6960

-----------------------------------------------------------------

This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see:

http://aris.securityfocus.com

-----------------------------------------------------------------

This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see:

http://aris.securityfocus.com

Next message: Collins, Steve: "RE: keyboard logging questions"
Previous message: svetlikat_private: "Re: Where are greater risks?"
Maybe in reply to: Booke, Raymond: "keyboard logging questions"
Next in thread: Collins, Steve: "RE: keyboard logging questions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jun 28 2001 - 16:10:16 PDT