« How to get a Hotmail password (III): Social engineering
Defeat the hardware keylogger »

How to get a Hotmail password (IV): Keyboard logging

Published by
madelman
March 2, 2006 in Security, Passwords and Beginner. Tags: none.

Keyboard logging is the name of the technique used to record all keys pressed by the user of a computer so we can know what he has been doing and all the text he has entered. Of course, if he has used that computer to log into his email account he will have entered the password so it will be recorded with the rest of the data.

There are two different types of keyloggers, software-based and hardware-based ones. The hardware based ones have to be connected between the keyboard and the computer, so you need to have physical access to it to install and to recover the data. On the other hand, these can not be detected with software so they can be hidden quite easily if the keyboard connector is not at plain sight.

Hardware keyboard loggers are not always a malign tool, they can also be used to keep a backup of text written in your computer. For example, Keyghost sells loggers with up to 1 megabyte of memory, where you can save lots of keypresses. If you are a writer or are writing something really important for you, as your thesis, it might be handy to have one of this in case something happens to your harddisk. Any way, this should be no substitute of correct and timely backups, but can be of great help.

The software based ones are simple programs which remain resident in the memory of the computer, monitoring all pressed keys and recording them to a file which can be later retrieved by the attacker. The most sophisticated ones are really stealthy and can even send the collected data by email, so the process is automated.

To protect against keyloggers the most important measure we can take is not to use critical passwords in computers not owned by us. So, don’t login into your bank or your email account in an Internet cafĂ©, at university or from work, only do so from your home machine. If you must do it, then you better check the connection from the keyboard to the computer to see if there’s some strange gadget attached to it.

To protect against software keyloggers, we can use classical antivirus or antispyware but some keyloggers (mainly custom made ones) are not detected by these utilities, so we can use KL-Detector, a software that checks if any program is recording the keys to a file.


Related posts:

3 Responses to “How to get a Hotmail password (IV): Keyboard logging”

Feed for this Entry Trackback Address
  1. 1 Becoming paranoid » How to get a Hotmail password (or any other web based email)
    Pingback on Mar 2nd, 2006 at 11:44 am
  2. 2 Becoming paranoid » Defeat the hardware keylogger
    Pingback on Mar 2nd, 2006 at 12:40 pm
  3. 3 » Defeat hardware keylogger with SuperGlue » Becoming paranoid » Tips about computer security, privacy and staying safe online
    Pingback on Apr 22nd, 2006 at 7:41 pm

Leave a Reply

« How to get a Hotmail password (III): Social engineering
Defeat the hardware keylogger »
Text Link Ads

About

Becoming paranoid is a weblog about computer security, privacy and staying safe online, specially dedicated to novices
If you want to know something more about us, visit our contact page.

If you enjoyed Becoming paranoid, you can have a look at the rest of our blogs:



Sponsored links


Search

Search in the Becoming paranoid Archive


Subscribe

Enter your email address:

Delivered by FeedBurner