Archive for August, 2008


Computer Forensic Focus On Keystroke Logging

Tuesday, August 12th, 2008

Computer forensics, or digital forensics, has developed rapidly as the forensic application of computer investigation, and it is often followed up with expert witness testimony in court. It is something you need to do regularly as part of the investigation process: it helps and boosts the business, and it also presents evidence throughout the legal process.

To protect your company or online business against hacking, you have to know the tactics hackers employ, which helps you prevent fraud by staying one step ahead of them. Data is generally stolen by means of phishing, spyware, malware programs, insider attacks, keystroke logging and so on. In this article I would like to discuss keystroke logging.

Not sure what exactly keystroke logging is?

Keystroke logging, or keylogging, is a method of capturing information by recording a user's keystrokes through a hardware device or a software program.

Keystroke logging is done remotely to steal credit card and bank account numbers, usernames and passwords, and sometimes to spy on personal files, emails and FTP. Keyloggers can be installed through downloaded programs and also through physical access to the computer.

How exactly does it work? The keylogger uses a web server that redirects the browser to web pages. When the client downloads the web page and its JavaScript, the browser is unknowingly redirected to the hacker's site, a keyboard logger is installed, and the individual's user names, passwords, bank PINs and card numbers are sent to the hacker's website.

Hardware keyloggers are an external attachment (a small cable) between the keyboard and the port. This external attachment can be a USB memory stick or an external hard drive, placed on the back of the computer where it is hard to spot. These devices are invisible to the computer's user, as hardware keyloggers are placed inside the keyboard or next to the keyboard port.

A software keylogger is a program installed on a machine with administrative privileges. It can be a device driver that replaces the existing input/output driver with one that has embedded keylogging functionality. That functionality can include many options, such as encrypting, decrypting and sending the files to a destination across the internet. The log files are hard to find among the operating system files, even if you list hidden files in a directory, because they are hidden.
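A triage check for the hidden log files described above, as an added example that is not from the original article: it takes two size snapshots of the hidden files under a directory and reports those that grew in between, since a keystroke log is appended to as the user types. The file names are constructed, and the check only sees files the running operating system reports, so a driver-level logger that hides its files from the OS calls for offline analysis of a disk image instead.

```python
import os
import stat
import tempfile

HIDDEN_ATTR = getattr(stat, "FILE_ATTRIBUTE_HIDDEN", 0x2)  # Windows hidden bit

def snapshot(root):
    """Map each hidden regular file under root to its size in bytes."""
    sizes = {}
    for dirpath, _dirs, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.stat(path, follow_symlinks=False)
            except OSError:
                continue  # vanished or unreadable: skip, do not abort the sweep
            if not stat.S_ISREG(st.st_mode):
                continue
            # Hidden = dot-prefixed path component (POSIX) or hidden attribute (Windows).
            parts = os.path.relpath(path, root).split(os.sep)
            dotted = any(p.startswith(".") for p in parts)
            flagged = bool(getattr(st, "st_file_attributes", 0) & HIDDEN_ATTR)
            if dotted or flagged:
                sizes[path] = st.st_size
    return sizes

def growing_hidden_files(before, after):
    """Return {path: bytes_added} for hidden files that are new or have grown."""
    deltas = {p: size - before.get(p, 0) for p, size in after.items()}
    return {p: d for p, d in deltas.items() if d > 0}

def demo():
    """Constructed tree: one hidden file appended to, one hidden and static, one visible."""
    with tempfile.TemporaryDirectory() as root:
        names = (".sysdata", ".settings", "notes.txt")  # constructed sample names
        for n in names:
            with open(os.path.join(root, n), "w") as f:
                f.write("x" * 10)
        before = snapshot(root)
        for n in (".sysdata", "notes.txt"):  # simulate appends between snapshots
            with open(os.path.join(root, n), "a") as f:
                f.write("y" * 25)
        after = snapshot(root)
        grown = growing_hidden_files(before, after)
        return {os.path.basename(p): d for p, d in grown.items()}

if __name__ == "__main__":
    print(demo())
```

On a real system, take the first snapshot, type for a while in an unrelated application, then take the second; any hidden file that grew is a candidate for closer review, not proof of a keylogger.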

You can protect data accessed through a web server from keystroke loggers with a comprehensive intrusion prevention system that defends your network through signature deployment, anomaly detection and protocol recognition. You can also use anti-keyloggers (software programs) to detect keyloggers.

These computer forensic tools give individuals a way to detect keyloggers. For further assistance and help you can go to www.Datatriage.com, which is the best Computer Forensic Expert, providing an effective approach to support your online investigation.

Since keyloggers are simple and easy to install, the best that can be done manually is to prevent keylogging by adopting good security practices: restrict users' privileges by making them part of the user group, keep an administrator group with a strong password policy, and perform physical checks for hardware loggers.