Question about Keylogging

ComputerLover1

What are the concepts concerning this type of attack or where can I find out more ?

Thank you

Schluep

Keylogging is a commonly used attack that could have several different purposes. It records all keystrokes input by a user and sends this information to the attacker or other person that set-up the keylogger. Some more advanced spin-offs of this technology also capture screenshots of what is being viewed on screen by the user as well. Some other examples can be used to only monitor speed of keystrokes to determine productivity of employees with clerical tasks or things such a mouse usage.

There are hardware and software based versions. A hardware example would be a small device attached to the end of the input adapter on the keyboard that would then connect to the PC. These type obviously require physical access to the computer and are based on the premise that the user is unlikely to be looking at the plugs on the back of the computer on a regular basis. The attacker or person performing this monitoring would then retrieve the hardware device and the recorded keystrokes along with it. Software versions are installed on the user's PC either directly from the PC, or more often packaged as a Trojan Horse in an application that the user intends to install.

From an offensive perspective, they can be used to obtain anything from Usernames/Passwords to log in as the victim, or personal information such as Credit Card numbers. They can also be used to breach confidentiality by determining the conent of a message or document being typed by the user.

From a security perspective, you have to tread VERY carefully if you plan to use them for monitoring people. I am not too famliar with all of the legalities in various Countries regarding usage, but in the US you must be very careful of privacy laws. If you install it to monitor employees for example it must be clearly documented in writing through preferably a banner that displays to the employee requiring them to accept that they read and understand that this monitoring will take place. It should not be done in a discriminatory fashion so if you plan to monitor one employee, you should monitor all and make sure all are aware of this fact. Additionally, personal information should not be read, only those things that you are specifically monitoring for. You should not even think about trying to monitor someone who is not an employee or child of yours under any circumstances due to a serious violation of privacy both ethically and often legally.

This may go beyond the scope of the Security+ exam as I have not done the reading on it yet, but it is a quick summary regarding the purpose and common uses of keyloggers. As for finding out more, most of the Security+ books are likely to contain the information that would be needed for the Exam. You could probably find more information on the web from a search engine or Wikipedia (http://en.wikipedia.org/wiki/Keylogger) even. I doubt there are any books specifically to keyloggers unless it is focused on design.

ComputerLover1

Thank you as it was very detailed in explanation . I am taking my Sec+ online and just wanted to know how this attact could take place and now I know .

sprkymrk

Yes, I was going to reply but Schluep said it better than I would have.

alstonnat

Recently I am collecting all information about keylogger.

This would be one of the helpful threads.


Thanks!

TechGuy215

Anybody remember the script-kiddie tool Subseven by mobman? That had a pretty decent logger built into it. I remember doing some pen testing with it back in the day, it was a pretty fun little tool.

certero

TechGuy215 wrote: »

Anybody remember the script-kiddie tool Subseven by mobman? That had a pretty decent logger built into it. I remember doing some pen testing with it back in the day, it was a pretty fun little tool.

Sure do! Good ole port #27374... LOL