-
March 26th, 2007, 11:27 AM
#1
How can i protect from keylogger?
How do I setup an alarm that will go off if someone installs and runs a keylogger in my network?
Could I also prevent the person from accessing the logger by having the system auto-set a password (non-default) before he does? maybe that would prevent him from even getting a chance to use it.
-
March 26th, 2007, 01:37 PM
#2
what sort of network?
what sort of keylogger?
what monitoring/control software do you already have in place?
why are you so worried about key loggers specifically?
are your users trusted enough to even install software in the first place?
If the world doesn't stop annoying me I will name my kids ";DROP DATABASE;" and get revenge.
-
March 26th, 2007, 02:47 PM
#3
Dont make them-users- administrators of the machine...usually limits the install of software...assuming windoz here
as for hardware keyloggers....dont know/?
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
March 26th, 2007, 02:49 PM
#4
and what about self contained programs that just run without an install.
If the world doesn't stop annoying me I will name my kids ";DROP DATABASE;" and get revenge.
-
March 26th, 2007, 03:39 PM
#5
Security is a mutli level issue...
one of those levels is monitoring....and the software installed on machines...
Have an AUP...(acceptable use policy)
If user violates it...fire them
MLF
Last edited by morganlefay; March 26th, 2007 at 05:01 PM.
How people treat you is their karma- how you react is yours-Wayne Dyer
-
March 26th, 2007, 07:14 PM
#6
this is a semi-public network at a technology and entertainment education center where access and installations are necessary. i hang out with the admins but don't run the show. he kicked out this guy who installed stealthkeylogger or spy____ (i think)... saw him while he was patrolling the lab. my friend was looking for a setup/program that could auto-detect such installs without denying ordinary program installs. i dont know the details of his network platforms or logs, and probably wont see him anytime soon until i get a job.
-
March 26th, 2007, 08:02 PM
#7
Give the users limited accounts. As for software app to stop the execution of a program run off a flash disk - I dont know ...
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
March 26th, 2007, 09:13 PM
#8
Originally Posted by Cider
Give the users limited accounts. As for software app to stop the execution of a program run off a flash disk - I dont know ...
as i just posted, i cant set 100% limited accounts bc users need to have ability to install and run their own programs. or if i do, would i have to list all the programs they can/cant run? gonna be a long research till i can make a huge library. i'd hate to have to do that.
-
March 27th, 2007, 12:49 AM
#9
You could try this:
http://dewasoft.com/privacy/kldetector.htm
You would need to check that it was still installed and running.
Basically the scenario you describe is a no hoper. I would imagine that the machines are shared by multiple users.
If you used something like the above, you would have to educate the users to check that it started and was still running before they logged out. It would require a script to disable it and re-enable it which would be beyond the wit of most skiddies.
There again, you can get a demo of a process protector from DiamondCS, that allows you to protect one process. You would have to buy it if you wanted to protect more.
You will not be able to detect a physical keylogger with software.
And, put a warning on each screen "This system is not secure.......do not use it to transmit personal, confidential or financial data"
As a scanner, A-Squared is very good at finding keyloggers in particular......... run that every night?
As I said, pretty much a no-hoper there.
-
March 27th, 2007, 12:24 PM
#10
well, lets ask the extra question,
WHY do users need to be able to install their own software? I know its annoying to have to install every single piece of software, but I can't imagine the chaos if our users could install software. Never mind keyloggers, what if they put a bit torrent client on there? Never mind the spray of viruses you could get from the net.
thought occurs that things that just run won't persist after logoff, need an installer to add registry keys. Of course, if users have access to the registry.....
If the world doesn't stop annoying me I will name my kids ";DROP DATABASE;" and get revenge.
Similar Threads
-
By earthbound4u in forum Network Security Discussions
Replies: 18
Last Post: December 5th, 2006, 10:43 PM
-
By MrLinus in forum Phishing and Cyber Scams
Replies: 4
Last Post: March 3rd, 2005, 03:19 PM
-
By eaz135 in forum AntiOnline's General Chit Chat
Replies: 1
Last Post: April 13th, 2003, 04:04 AM
-
By truly_hacking in forum AntiOnline's General Chit Chat
Replies: 17
Last Post: November 19th, 2002, 05:36 PM
-
By Ryan Nyquist in forum Microsoft Security Discussions
Replies: 10
Last Post: May 22nd, 2002, 05:39 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|