Frontpage
Forums
Tutorials
Members
Calendar
Subscription
Donate
Links
Contact 
HelpHey.
Apart from the obvious method of installing a anti-virus OR anti-keylogger program, what lese could we do to stop keyloggers (or anything similar) from stealing our important data/passwords etc. ?
Thank you.
Gouki: Title edited. Rules.
Page 1 of 1
[SEC] How to protect ourselves against keyloggers?
Rate Topic:
#1
- Member
-
- Group: Members
- Posts: 139
- Joined: 13-July 04
Posted 04 April 2006 - 01:50 PM
How to protect ourselves against keyloggers (or anything similar)?
Hey.
Apart from the obvious method of installing a anti-virus OR anti-keylogger program, what lese could we do to stop keyloggers (or anything similar) from stealing our important data/passwords etc. ?
Thank you.
Gouki: Title edited. Rules.
Hey.
Apart from the obvious method of installing a anti-virus OR anti-keylogger program, what lese could we do to stop keyloggers (or anything similar) from stealing our important data/passwords etc. ?
Thank you.
Gouki: Title edited. Rules.
Back to top
#2
- MSFN Expert
-
- Group: Members
- Posts: 1,168
- Joined: 19-March 05
Posted 04 April 2006 - 01:54 PM
First, PLEASE read this forum rules.
As for your 'problem' ...
Physical access to machines (no need to Operating System access), is a pretty good problem. Big part of Keyloggers can be connected between the keyboard and the computer. Invisable to the 'distracted' eye, since they are really small 'gadgets'.
As for software based keyloggers, I think the best idea is to instruct users (in a company scenario) to be carefull with eMails and IM. Other than that, maybe keeping an eye open on the services running.
Take care.
P.S: Please try and follow the rules the next time.
As for your 'problem' ...
Physical access to machines (no need to Operating System access), is a pretty good problem. Big part of Keyloggers can be connected between the keyboard and the computer. Invisable to the 'distracted' eye, since they are really small 'gadgets'.
As for software based keyloggers, I think the best idea is to instruct users (in a company scenario) to be carefull with eMails and IM. Other than that, maybe keeping an eye open on the services running.
Take care.
P.S: Please try and follow the rules the next time.
#3
- MSFN Junkie
-
- Group: Banned
- Posts: 3,399
- Joined: 04-December 05
Posted 04 April 2006 - 09:10 PM
Firewall will alert you if anything is trying to send keylogs out through the network.
You also have to be careful of what you download and run.
You also have to be careful of what you download and run.
#4
- Member
-
- Group: Members
- Posts: 139
- Joined: 13-July 04
Posted 05 April 2006 - 11:53 AM
Thanks for your reply.
I wonder if there're some other preventive methods (apart from security-software-based help like Firewall/anti-keyloggers) could be done to prevent keyloggers to record our keyboard activities.
How about if a user type the password via a visual keyboard (by clicking keys on the screen)?
Does it help?
I wonder if there're some other preventive methods (apart from security-software-based help like Firewall/anti-keyloggers) could be done to prevent keyloggers to record our keyboard activities.
How about if a user type the password via a visual keyboard (by clicking keys on the screen)?
Does it help?
#5
- MSFN Expert
-
- Group: Members
- Posts: 1,168
- Joined: 19-March 05
Posted 05 April 2006 - 12:01 PM
Yes. That would help, allot. However, that would not make it completly secure (Well, *nothing* is totally secure).
Implementing an on screen keyboard would help allot, however, there are 'keyloggers' for mouse movements. Randomly changing the buttons from the on screen keyboard, every time it starts, would be a solution to this.
My bank has it and it works like a charm.
Implementing an on screen keyboard would help allot, however, there are 'keyloggers' for mouse movements. Randomly changing the buttons from the on screen keyboard, every time it starts, would be a solution to this.
My bank has it and it works like a charm.
#6
- Member
-
- Group: Members
- Posts: 139
- Joined: 13-July 04
Posted 06 April 2006 - 09:06 AM
Gouki, on Apr 5 2006, 12:01 PM, said:
Yes. That would help, allot. However, that would not make it completly secure (Well, *nothing* is totally secure).
Implementing an on screen keyboard would help allot, however, there are 'keyloggers' for mouse movements. Randomly changing the buttons from the on screen keyboard, every time it starts, would be a solution to this.
My bank has it and it works like a charm.
Implementing an on screen keyboard would help allot, however, there are 'keyloggers' for mouse movements. Randomly changing the buttons from the on screen keyboard, every time it starts, would be a solution to this.
My bank has it and it works like a charm.
Thanks.
Does it matter what onscreen keyboards I use?
Any recommendation?
Is it possible for hackers to record my monitor?
Other than the abovementioned, any other precautions?
#7
- MSFN Expert
-
- Group: Members
- Posts: 1,168
- Joined: 19-March 05
Posted 06 April 2006 - 11:21 AM
It is possible to record your monitor, however, they would need a server side application running at your system. This can be preventedd by carefully choosing what you download and install.
As for suggestions to the OSK ... Sorry, but I have no idea of wich one is best.
Better than all of this? Buy a blackbox (firewall)
As for suggestions to the OSK ... Sorry, but I have no idea of wich one is best.
Better than all of this? Buy a blackbox (firewall)
#8
- Just plain nuts
-
- Group: Members
- Posts: 473
- Joined: 01-May 05
Posted 08 April 2006 - 03:49 AM
When I enter a password on a public computer, I enter the letters in random order. Like instead of entering "password" I might enter "ord", then click before the first character and type "asw", then click after the "a" and type another "s", and so on. By clicking rather than using the arrow keys, it comes out garbled in a key log.
#9
- Member
-
- Group: Members
- Posts: 139
- Joined: 13-July 04
Posted 08 April 2006 - 10:47 AM
HyperHacker, on Apr 8 2006, 03:49 AM, said:
When I enter a password on a public computer, I enter the letters in random order. Like instead of entering "password" I might enter "ord", then click before the first character and type "asw", then click after the "a" and type another "s", and so on. By clicking rather than using the arrow keys, it comes out garbled in a key log.
This trick sounds interesting.
Tease the hyperhacker
This post has been edited by Wai_Wai: 08 April 2006 - 10:53 AM
#10
- Poll: Why are you reading this ?
-
- Group: Members
- Posts: 481
- Joined: 18-May 05
Posted 08 April 2006 - 11:13 AM
Wai_Wai, on Apr 8 2006, 06:47 PM, said:
HyperHacker, on Apr 8 2006, 03:49 AM, said:
When I enter a password on a public computer, I enter the letters in random order. Like instead of entering "password" I might enter "ord", then click before the first character and type "asw", then click after the "a" and type another "s", and so on. By clicking rather than using the arrow keys, it comes out garbled in a key log.
This trick sounds interesting.
Tease the hyperhacker
Too bad, it's easy to work around :
1/ brute force cracking is far easier when you had "keylogged" the right characters
2/ mouse clicks and/or time between key presses allows to know "words" to permit into the password
In fact the only good password is the one which changes randomly after each use
++
This post has been edited by Delprat: 08 April 2006 - 11:15 AM
#11
- MSFN Junkie
-
- Group: Banned
- Posts: 3,399
- Joined: 04-December 05
Posted 09 April 2006 - 01:21 AM
HyperHacker, on Apr 8 2006, 04:49 AM, said:
When I enter a password on a public computer, I enter the letters in random order. Like instead of entering "password" I might enter "ord", then click before the first character and type "asw", then click after the "a" and type another "s", and so on. By clicking rather than using the arrow keys, it comes out garbled in a key log.
#12
- Member
-
- Group: Members
- Posts: 139
- Joined: 13-July 04
Posted 09 April 2006 - 05:13 AM
LLXX, on Apr 9 2006, 01:21 AM, said:
HyperHacker, on Apr 8 2006, 04:49 AM, said:
When I enter a password on a public computer, I enter the letters in random order. Like instead of entering "password" I might enter "ord", then click before the first character and type "asw", then click after the "a" and type another "s", and so on. By clicking rather than using the arrow keys, it comes out garbled in a key log.
So a visual keyboard is a solution to "Delprat & LLXX problems", right?
No one has any idea what visual keyboard should I use?
#13
- Poll: Why are you reading this ?
-
- Group: Members
- Posts: 481
- Joined: 18-May 05
Posted 09 April 2006 - 07:36 AM
Wai_Wai, on Apr 9 2006, 01:13 PM, said:
So a visual keyboard is a solution to "Delprat & LLXX problems", right?
No one has any idea what visual keyboard should I use?
No one has any idea what visual keyboard should I use?
Hit <Win>+U on your keyboard, click on the "visual keyboard" line, then press the "start" button...
About "editboxes hooking", that's for "badly" written apps... some doesn't use "masked editboxes", but "editboxes with real *" (bad explanation, but i hope you'll understand).
I've also seen a "password safe" app whith a masked editbox, but with a false password behind the mask (not the one typed in)
- ← [MISC] Unable to open Active Directory Users and Computers tool
- Networks and the Internet
- [SEC] Do you use TOR? →
Share this topic:
Page 1 of 1