
Anti-Keylogger software?


chaseN_Mdown

Newbie

Posts: 2

Joined: Sat Aug 06, 2011 8:49 pm

Post Sat Aug 06, 2011 8:59 pm

Anti-Keylogger software?

I was wondering if anyone can recommend any anti-keylogger software.

Preferably free.

Thanks in advance!

Triban

Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Sun Aug 07, 2011 9:14 am

Re: Anti-Keylogger software?

Are you looking to detect it?  Most current AV software should pick up on it unless the attacker buried it in a rootkit with anti-AV measures.  Most enterprise installs of AV contain heuristic scanning which can sometimes pick up on them.  Also are you looking to detect physical keylogging devices?  You may also want to look into some rootkit detection software (rootkit revealer comes to mind).  It might pick up on rootkits that may be hiding keyloggers.

Another way to try and detect is by utilizing more advanced firewall rules. Be sure to block outgoing traffic, might even want to do a block all on the specific system and let all traffic hit the wall. Run a local packet sniffer on the interface (rawdump is nifty or Wireshark). That way you can see if any apps are trying to send out traffic even though you have nothing opened. It's not the keylogger that is the troubling part, but the data it is sending.

Hope this helps. Now you got me a little more curious on the topic...
Certs: GCWN
(@)Dewser

Triban

Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Sun Aug 07, 2011 9:42 am

Re: Anti-Keylogger software?

Came across this site: http://seussbeta.tripod.com/data.html might be of some use.
Certs: GCWN
(@)Dewser

chaseN_Mdown

Newbie

Posts: 2

Joined: Sat Aug 06, 2011 8:49 pm

Post Sun Aug 07, 2011 12:44 pm

Re: Anti-Keylogger software?

Yes I am looking to detect it. And eliminate hopefully.
It will be software related not physical.

Thanks for the suggestions. The site you linked me to was informative and made me a bit less paranoid. I will look into rootkit detection. I see RootKit Revealer is on CNET so that will be my first try.

I've already installed and ran Ad Aware Free and am thinking about Avast Free for anti virus. What are your thoughts about those?

Do you have a suggestion for a free firewall?

It's actually not a very exciting story. Talked to a few people online. Was sent files. Clicked to open. Computer started acting weird. Eventually gave a warning that a keystroke logger was detected (Windows Firewall) and here I am.

Triban

Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Sun Aug 07, 2011 9:03 pm

Re: Anti-Keylogger software?

Win XP or Win7? Ad-Aware is great for detecting adware/spyware related threats but may not detect more advanced programs. I've never actually used Avast. I currently use NOD32 and that runs pretty well, they have 2 flavors, Internet Suite and their AV only. Windows 7's firewall is decent enough. It has much more advanced features than the standard XP firewall. With keyloggers you really want to watch the traffic going out, it's one thing if they are just logging but if you see traffic leaving your system when you have nothing running, well then you got a problem.

Standard XP firewall doesn't offer much other than inbound traffic exceptions.  Get a hold of RawDump or Wireshark and get a scan of your traffic when nothing is running.  Wireshark will give you a nice live feed of the data as it is happening.

Also for future preventive measures you can work with this PowerShell script that will copy a new hosts file to your system with a blacklist of bad domains.

http://www.sans.org/windows-security/20 ... ck-domains

Oh back to AV, Microsoft's free AV - MS Security Essentials - is pretty decent, I've had it catch bad stuff where others have not. And it's free for non-commercial use.

Good luck!
Certs: GCWN
(@)Dewser
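
Added example (not part of the thread and not any poster's code): a companion to the advice above about watching for traffic that leaves an idle system. It parses Windows `netstat -ano` output and groups active TCP connections to non-local peers by owning PID; the sample output, addresses and PIDs are constructed, and the function names are illustrative.

```python
import ipaddress
from collections import defaultdict

# Loopback, RFC 1918, link-local and IPv6 local ranges are treated as "local".
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]
ACTIVE = {"ESTABLISHED", "SYN_SENT"}  # open, or being opened right now

# Constructed sample of Windows `netstat -ano` output (documentation-range IPs).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    127.0.0.1:5354         127.0.0.1:49170        ESTABLISHED     1520
  TCP    192.168.1.20:49201     192.168.1.1:445        ESTABLISHED     4
  TCP    192.168.1.20:49233     203.0.113.45:8080      ESTABLISHED     3388
  TCP    192.168.1.20:49240     203.0.113.45:8080      SYN_SENT        3388
  TCP    192.168.1.20:49251     198.51.100.7:443       TIME_WAIT       0
  TCP    [::1]:49300            [::1]:5354             ESTABLISHED     1520
  UDP    0.0.0.0:5355           *:*                                    1100
"""

def split_endpoint(endpoint):
    """'1.2.3.4:80' or '[fe80::1%11]:80' -> (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]").split("%")[0]), int(port)

def remote_peers_by_pid(netstat_text):
    """Map PID -> set of (remote_ip, remote_port, state) for non-local TCP peers."""
    peers = defaultdict(set)
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have exactly: proto, local, foreign, state, pid.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] not in ACTIVE:
            continue
        try:
            addr, port = split_endpoint(fields[2])
            pid = int(fields[4])
        except ValueError:
            continue  # malformed row
        if any(addr in net for net in LOCAL_NETS):
            continue
        peers[pid].add((str(addr), port, fields[3]))
    return dict(peers)

if __name__ == "__main__":
    # On a live system, replace SAMPLE with the saved output of `netstat -ano`.
    for pid, conns in sorted(remote_peers_by_pid(SAMPLE).items()):
        for ip, port, state in sorted(conns):
            print(f"PID {pid}: {ip}:{port} {state}")
```

A PID reported here can be matched to a process name with `tasklist /FI "PID eq <pid>"`; an unfamiliar process holding a connection while no applications are open is the case worth investigating.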
