logging keystrokes (was encrypted filesystems)

Cedric cedric.de.wijs at softhome.net
Tue Jan 6 15:59:12 PST 2004


At 02:15 PM 1/6/04 -0600, you wrote:

> > The secmem warning in gpg refers to someone rooting your box and reading
> > the memory pages where the password is stored.  Thus, don't let someone
> > root you box.  Yes, it is that simple because once the attacker is
> > considered to be from the next level up in resources the easy attack is
> > installing a hardware keylogger.  Opps, the FBI has already been doing
> > this for several years.  Hardware keyloggers are available on-line for
> > under $100.  So, money is not the issue.  The class of potential attackers
> > is someone close to you or with the resources to blackbag you.
>have they come up with less blatant designs yet?
>ones i saw before were very obvious hardware adapters,
>that you'd notice if you just look behind your box.
>i don't remember how they worked, probably stored the keystrokes
>in a small memory device or something..

I've been looking to ways to get some sort of keylogging going at my lfs box.
I was thinking about catching the io form bash and put it into a logfile, 
my first attempt is this:
bash 2>&1 | tee /somewhere/log.file
It doesn't add to the security of the box, but then you can see what the 
hacker was doing (unless he finds it and deletes the logfiles)

Comments?

Cedric,

Linux believer since KNOPPIX 3.2 / LFS 4.0 / LINUX 2.4.21 / Gcc 3.2
-------------- next part --------------

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.558 / Virus Database: 350 - Release Date: 1/2/04


More information about the hlfs-dev mailing list