Given the importance of documentation in forensic examination, I am curious to know if any of you use keystroke loggers as a documentation tool and what brand if you do. We were lamenting the ways to implement keystroke logging in a DOS environment modified for forensics work and the thought arose to use this hardware-based logger: http://www.thinkgeek.com/stuff/gadgets/5a05.shtml It sits between the keyboard and PS/2 port and records 65K keystrokes at a time. I read up on it and it apparently doesn't record some control functions since it's memory is accessible via what amounts to playback through a text editor and could trip harmful PC functions if it tried. It has some obvious benefits although the control key exceptions make it less than desirable for Unix examinations. It would seem an interesting thing to try as long as you aren't using GUI based investigative software. Anyone used it or one like it? Michael Burnette Rogers & Hardin LLP Atlanta, GA USA This message and any attachments are intended for the use of the addressee(s) only and may be confidential and covered by the attorney/client and other privileges. If the reader is not the intended recipient, DO NOT READ, notify sender and delete this message. In addition, be aware that any disclosure, copying, distribution or use of the contents of this message is strictly prohibited. ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Apr 22 2002 - 20:23:12 PDT