[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <003f01c5f771$6824e260$c864a8c0@dopehead>
Date: Fri Dec 2 18:51:32 2005
From: jan at boyakasha.dk (Jan Nielsen)
Subject: Most common keystroke loggers?
That question opens up a whole lotta other questions, really depends on
what you hope to achieve by doing authentication via a compromised
system. In my book you should instead try to detect a compromised system
and deny them access if they are indeed compromised, that would be in
the end-users best interest I think (and of course report your findings
to the users mailbox or something, don't tell the hacker that you
detected his keylogger :-)
Keyloggers come in quite a few different shapes and sizes, and just
detecting the most common ones is not really that future-proof, tomorrow
someone will develop another way of hooking into the keyboard buffer, or
some other way you never thought of yourself. However the most common
ones today would be the ones hooking into the windows api (not that hard
to detect) and the screen capture ones I think (a bit more difficult)
But that really raises the question : is keylogging really the only
thing constituting a compromised system ? Answer : NO, many other types
of software could make your system compromised, so what you need to
think about is : what do I want to protect/enforce/check :
- The endusers login information, so as it can't be stolen or re-used ?
- The integrity of the transactions, has someone changed the info on its
way from the input into the application to the website ?
- The identity of the person behind the keyboard, is the user who you
think he is ?
That might help you in deciding what stuff you need to
develop/implement.
Hope this helps a bit :-)
Jan
-----Original Message-----
From: boyakash@...goodydomains.com [mailto:boyakash@...goodydomains.com]
On Behalf Of Shannon Johnston
Sent: 1. december 2005 18:25
To: full-disclosure@...ts.grok.org.uk
Subject: [Full-disclosure] Most common keystroke loggers?
Hi All,
I'm looking for input on what you all believe the most common keystroke
loggers are. I've been challenged to write an authentication method (for
a web site) that can be secure while using a compromised system.
Thanks,
Shannon
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists