[Dshield] good keystroke logger

Joe Matusiewicz joem at nist.gov
Wed Jan 14 17:45:46 GMT 2004


At 12:26 PM 1/14/2004, Johannes B. Ullrich wrote:
>---
>I usually don't post anonymous requests like this. But I know
>the poster and this is 'legit'.
>
>   ju
>---
>
>I have a dilemma and I need some direction from the talented members of
>the DShield security organization.  We have a fairly senior manager that
>is being suspected of doing things not within the scope of the job, so
>to speak.  The bosses have asked me to install a keystroke logger onto
>this person's system, which I don't have an issue doing.  I don't know
>what to install on it that won't be detected easily by Anti virus.  This
>person is fairly savvy when it comes to their system so it has to be
>very stealthy.  I will also use ethereal to trap packets for further
>detail but this keystroke logger is a bit new to me.  Any suggestions?

Johannes,

I've never had to go down this road but I have heard that there are loggers 
that are placed between the keyboard ps/2 cord and the ps/2 plug in the 
computer.  The claim I've heard is that they're pretty much undetectable by 
software.  Hopefully the ps/2 connection is in the back of the computer 
where someone rarely looks.  Try googling "keystroke logger ps/2" to get a 
list of them.

Hope this helps....


-- Joe




More information about the list mailing list