EH-Net
May 23, 2013, 01:34:05 PM *
Author Topic: Anti-Keylogger software?  (Read 6131 times)
chaseN_Mdown
« on: August 06, 2011, 08:59:54 PM »

I was wondering if anyone can recommend any anti-keylogger software.

Preferably free.

Thanks in advance!

3xban
« Reply #1 on: August 07, 2011, 09:14:54 AM »

Are you looking to detect it?  Most current AV software should pick up on it unless the attacker buried it in a rootkit with anti-AV measures.  Most enterprise installs of AV contain heuristic scanning which can sometimes pick up on them.  Also are you looking to detect physical keylogging devices?  You may also want to look into some rootkit detection software (rootkit revealer comes to mind).  It might pick up on rootkits that may be hiding keyloggers.

Another way to try and detect is by utilizing more advanced firewall rules.  Be sure to block outgoing traffic, might even want to do a block all on the specific system and let all traffic hit the wall.  Run a local packet sniffer on the interface (rawdump is nifty or Wireshark).  That way you can see if any apps are trying to send out traffic even though you have nothing opened.  It's not the keylogger that is the troubling part, but the data it is sending.

Hope this helps.  Now you got me a little more curious on the topic...

Certs: GCWN
(@)Dewser
3xban
« Reply #2 on: August 07, 2011, 09:42:14 AM »

Came across this site: http://seussbeta.tripod.com/data.html might be of some use.

Certs: GCWN
(@)Dewser
chaseN_Mdown
« Reply #3 on: August 07, 2011, 12:44:49 PM »

Yes I am looking to detect it. And eliminate hopefully.
It will be software related not physical.

Thanks for the suggestions. The site you linked me to was informative and made me a bit less paranoid. I will look into rootkit detection. I see RootKit Revealer is on CNET so that will be my first try.

I've already installed and ran Ad Aware Free and am thinking about Avast Free for anti virus. What are your thoughts about those?

Do you have a suggestion for a free firewall?

It's actually not a very exciting story. Talked to a few people online. Was sent files. Clicked to open. Computer started acting weird. Eventually gave a warning that a keystroke logger was detected (windows firewall) and here I am.

3xban
« Reply #4 on: August 07, 2011, 09:03:24 PM »

Win XP or win7?  Ad-aware is great for detecting ad-ware/spyware related threats but may not detect more advanced programs.  I've never actually used avast.  I currently use NOD32 and that runs pretty well, they have 2 flavors, Internet Suite and their AV only.  Windows 7's firewall is decent enough.  It has much more advanced features than the standard XP firewall.  With keyloggers you really want to watch the traffic going out, it's one thing if they are just logging but if you see traffic leaving your system when you have nothing running, well then you got a problem.

Standard XP firewall doesn't offer much other than inbound traffic exceptions.  Get a hold of RawDump or Wireshark and get a scan of your traffic when nothing is running.  Wireshark will give you a nice live feed of the data as it is happening.

Also for future preventive measures you can work with this PowerShell script that will copy a new hosts file to your system with a blacklist of bad domains.

http://www.sans.org/windows-security/2010/09/14/hosts-file-block-domains

Oh back to AV, Microsoft's free AV - MS Security Essentials - is pretty decent, I've had it catch bad stuff where others have not.  And it's free for non-commercial use.

Good luck!

Certs: GCWN
(@)Dewser
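
The check described in Replies #1 and #4 (block outbound traffic, then see what still tries to leave while nothing is open), as an added example that is not part of the original thread: it summarises dropped outbound attempts from a Windows Firewall log in the `pfirewall.log` layout. It assumes dropped-packet logging is enabled; the sample log lines, addresses and the list of local ranges are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Constructed sample in the pfirewall.log layout; every value below is invented.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2011-08-07 21:10:01 DROP TCP 192.168.1.20 203.0.113.45 49160 587 52 S 1234 0 8192 - - - SEND
2011-08-07 21:10:04 DROP TCP 192.168.1.20 203.0.113.45 49160 587 52 S 1234 0 8192 - - - SEND
2011-08-07 21:10:09 DROP UDP 192.168.1.20 192.168.1.255 137 137 78 - - - - - - - SEND
2011-08-07 21:11:30 DROP TCP 198.51.100.7 192.168.1.20 4431 445 48 S 99 0 65535 - - - RECEIVE
2011-08-07 21:12:02 ALLOW UDP 192.168.1.20 192.168.1.1 53011 53 0 - - - - - - - SEND
2011-08-07 21:15:10 DROP TCP 192.168.1.20 203.0.113.45 49171 587 52 S 5678 0 8192 - - - SEND
"""

# Assumed "local noise" ranges: RFC 1918, link-local and multicast.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16", "224.0.0.0/4")]

def parse_log(text):
    """Yield one dict per log entry, taking column names from the #Fields header."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # ignore truncated or malformed lines
                yield dict(zip(fields, values))

def blocked_outbound(text):
    """Count dropped outbound attempts to non-local hosts by (protocol, dst-ip, dst-port)."""
    hits = Counter()
    for rec in parse_log(text):
        if rec["action"] != "DROP" or rec.get("path") != "SEND":
            continue  # keep only traffic the firewall stopped on its way out
        try:
            dst = ipaddress.ip_address(rec["dst-ip"])
        except ValueError:
            continue
        if not any(dst in net for net in LOCAL_NETS):
            hits[(rec["protocol"], rec["dst-ip"], rec["dst-port"])] += 1
    return hits

if __name__ == "__main__":
    for (proto, ip, port), n in blocked_outbound(SAMPLE_LOG).most_common():
        print(f"{n:3d} blocked {proto} attempts to {ip}:{port}")
```

Repeated drops to the same external address and port while no applications are open are the entries worth following up with a packet capture.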