lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <000a01c5f790$f2f0b620$c864a8c0@dopehead>
Date: Fri Dec  2 22:37:18 2005
From: jan at boyakasha.dk (Jan Nielsen)
Subject: Most common keystroke loggers?

> That question opens up a whole lotta other questions, really depends
on
> what you hope to achieve by doing authentication via a compromised
system.
> In my book you should instead try to detect a compromised system and
deny
> them access if they are indeed compromised, ...

>Obviously, then, your book does not include the phrase "Halting 
>Problem"...

Sorry, I don't follow you there, you mean that the scan would halt the
system ? fair enough, I don't think any method of scanning a target is
fool-proof, no matter how its done.

> ... that would be in the end-users
> best interest I think (and of course report your findings to the users
> mailbox or something, don't tell the hacker that you detected his
> keylogger :-) 

>And what machines do you think users are most likely to check their 
>mail from?

Thanks for pointing that out, but you would wan't to somehow relay to
the person not gaining access, why they are not getting in though, a
textmessage/SMS might be wiser.

>And, of course, your suggestion raises a primacy issue -- if you 
>actually did detect the user's machine was compromised before they 
>logged in and thus prevented allowing the login by not allowing the 
>login dialog to be displayed or somesuch (thereby saving the user 
>compromising yet more of their data), how in the heck do you know where

>to send the warning mail?

>Hmmmmm...  Methinks you should think more before responding.

Again, somehow they need to know, i don't have any ideas that can't be
intercepted on a compromised system, other than SMS/textmessage or
something.

Regards,

Jan

>Regards,

>Nick FitzGerald

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ