Keystroke Loggers record every keystroke made on the system. Lisa Bock compares software and hardware Keyloggers. Software Keyloggers work silently in the background, however can be detected by antimalware protection. Hardware Keyloggers have their own processor and on-board memory, however, you must have physical access to the device.
- [Voiceover] Keystroke Loggers record every keystroke made on the system. They come in two different flavors, software and hardware. A software Keylogger will run in the background and record every keystroke. And then stores the results on a hard drive on the system. Work can be later copied or removed by the attacker. Software Keyloggers can be thought of in two different classes. One which is observable in the Task Manager and can be seen. If a Keystroke Logger can be seen in the Task Manager it can be disabled by simply right clicking and selecting end process.
Then there are Stealth Keyloggers. These are not easily visible. They're a bit harder to detect. However, they can be found and disabled if the user has administrative privileges. Spyware and malware tools will also most of the time pick up Keyloggers as they are a form of spyware. When setting up a Keylogger some Keyloggers send an email after gathering a predetermined amount of activity. Although this might be a handy feature if we send anything such as an email, or information over to another network device, or an FTP Server.
This creates noise. This might alert your anti-malware protection. Other Keyloggers can also monitor online activity. But like most aggressive software, this might slow down a system. And in addition, some Keyloggers can grab screen captures. But again, this is an image, and this activity may fill the hard drive and cause stability problems. Hardware Keyloggers are a little bit different, in that they must be physically attached to the system.
Once on, they record each keystroke and save it to their own onboard memory. Installing a Hardware Keylogger is easy and can be done with little or no experience. However, installation requires physical access to the device. A Hardware Keylogger can be installed inside a keyboard. In addition, it can also be plugged into a USB. A user might not notice it's there. If you can imagine a retail environment where the device is out in the open, however no one really notices that USB device placed in the side of the device.
With Hardware Keyloggers, no software is required. In general, it's undetected by anti-malware protection. In addition, it has it's own onboard processor. Now the benefit of this is it's going to work outside of the operating system and it won't interfere with the processing that happens inside of the system. Also, it's gonna maintain the data if the power is lost. And the contents inside can be encrypted which makes it difficult for anyone to access the data if they were to find the device.
So as you can see there are different Keystroke Loggers. Software runs quietly in the background, but can be picked up by anti-malware protection. But Hardware might be a better option, however you have to access to the system.
These tutorials, along with the other courses featured in the Ethical Hacking series, will prepare students to pass the Certified Ethical Hacker exam and start a career in this in-demand field. Find out more about the exam at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Acquiring passwords
- Generating rainbow tables
- Understanding where passwords are stored
- Defending against privilege escalation
- Understanding spyware
- Protecting against keylogging
- Detecting steganography
- How hackers cover their tracks