Keystroke Logging-Key Loggers
A logfile from a software-based keylogger
Key Loggers, like the name suggests, are programs that record keystrokes from the computer keyboard and either logs it to the computer or sends it to its maker through a built in e-mail engine. Key logging allows a prospective hacker to gain access to the user name, passwords, and even id numbers entered into sensitive online bank accounts or passwords to remote control programs.You can find the list of latest keyloggers here
http://www.keylogger.org
Use PSMantiKeylogger to check if your computer has any keyloggers installed, you can get it here
http://psmantikeyloger.sourceforge.net/prod03.htm
NextGen AntiKeylogger Free 3.3.0.1
http://www.softpedia.com/progDownload/NextGen-AntiKeylogger-Free-Download-139613.html
Here are a few other ways to be safe from harmful effects of key loggers
*Monitoring what programs are running
A user should constantly observe the programs which are installed on his or her machine. Also, devices connected to PS/2 and USB ports (which have both been hacked) can be used to secretly install a keylogger and then remove it (along with the user’s data) by the perpetrator.
* Anti-spyware
Anti-spyware applications are able to detect many keyloggers and cleanse them. Responsible vendors of monitoring software support detection by anti-spyware programs, thus preventing abuse of the software.
* Firewall
Enabling a firewall does not stop keyloggers per se, but can possibly prevent transmission of the logged material over the net if properly configured.
* Network monitors
Network monitors (also known as reverse-firewalls) can be used to alert the user whenever an application attempts to make a network connection. This gives the user the chance to prevent the keylogger from “phoning home” with his or her typed information.
* Anti-keylogging software
Keylogger detection software is also available. Some of this type of software use “signatures” from a list of all known keyloggers. The PC’s legitimate users can then periodically run a scan from this list, and the software looks for the items from the list on the hard-drive. One drawback of this approach is that it only protects from keyloggers on the signature-based list, with the PC remaining vulnerable to other keyloggers.
Other detection software doesn’t use a signature list, but instead analyzes the working methods of many modules in the PC, allowing it to block the work of many different types of keylogger. One drawback of this approach is that it can also block legitimate, non-keylogging software. Some heuristics-based anti-keyloggers have the option to unblock known good software, but this can cause difficulties for inexperienced users.
* One-time passwords (OTP)
Using one-time passwords is completely keylogger-safe because the recorded password is always invalidated right after it’s used. This solution is useful if you are often using public computers where you can’t verify what is running on them. One-time passwords also prevents replay attacks where an attacker uses the old information to impersonate. One example is online banking where one-time passwords are implemented and prevents the account from keylogging attacks as well as replay attacks.
* Automatic form filler programs
Automatic form-filling programs can prevent keylogging entirely by not using the keyboard at all. Form fillers are primarily designed for web browsers to fill in checkout pages and log users into their accounts. Once the user’s account and credit card information has been entered into the program, it will be automatically entered into forms without ever using the keyboard or clipboard, thereby reducing the possibility that private data is being recorded. (Someone with access to browser internals and/or memory can often still get to this information; if SSL is not used, network sniffers and proxy tools can easily be used to obtain private information too.)
It is important to generate passwords in a fashion that is invisible to keyloggers and screenshot utilities. Using a browser integrated form filler and password generator that does not just pop up a password on the screen is therefore key. Programs that do this can generate and fill passwords without ever using the keyboard or clipboard.
* Drag & Drop
Most keyloggers cannot intercept texts which are drag & dropped from one window to another. With the help of this technique, sensitive data could be transferred, for example, from a password manager to the target application.
* Non-technological methods
Most keyloggers can be fooled by alternating between typing the login credentials and typing characters somewhere else in the focus window. Similarly, one can move their cursor using the mouse during typing, causing the logged keystrokes to be in the wrong order. One can also use context menus to remove, copy, cut and paste parts of the typed text without using the keyboard.
Another very similar technique utilizes the fact that any selected text portion is replaced by the next key typed. E.g. if the password is “secret”, one could type “s”, then some dummy keys “asdfsd”. Then these dummies could be selected with mouse, and next character from the password “e” is typed, which replaces the dummies “asdfsd”.
0 comments:
Post a Comment