RE: Keystroke logging

From: Guillaume Vissian (somebodyishere@gmail.com)
Date: Fri Jul 01 2005 - 11:31:54 EDT


The proxy will not see everything, if the connection is encrypted with SSL,
or for some other connection like ssh , and more : ssh tunneling the user
will make the proxy logs unusable...

G.
 
-----Message d'origine-----
De : Kurt Keys [mailto:KKeys@sddpc.org]
Envoyé : vendredi 1 juillet 2005 16:45
À : pentest@jitonline.net; pen-test@securityfocus.com
Objet : Re: Keystroke logging

Instead of a Keystroke logger, setup a proxy for your pen-test systems to
use
on their outbound connection to the target. Then have the proxy log
everything
and although you may not have all the mouse clicks and commands typed, you
will have a log of the traffic to and from the target network. To me that is
infinitely
more valuable. But that's just me.
Good Luck,

Kurt Keys
Information Security Specialist
Information Security Department
San Diego DPC

>>> "JB" <pentest@jitonline.net> 6/30/2005 12:36:24 PM >>>
I'm wondering if anyone has either a kernel level keystroke logger for the
Linux 2.6, or a userspace keystroke logger for Linux. As part of our
penetration testing, we are required to give the client a log of all
actions performed - so this would be a good way of logging all linux
commands. Also - if you know of the same sort of tool for windows - that
would also be appreciated.

-J



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:30 EDT