Keylogging quietly capture all keystrokes and are generally used to take personal information, such as a password or credit card number. Lisa Bock explains the best defense is to protect against keylogging with techniques such as: use a firewall, employ anti-malware protection, and user account control.
- [Voiceover] Steganography is hiding in plain sight, and dates back to over 2,500 years. Steganography has three basic elements, we need some type of carrier, such as music, or an image, that must be able to pass as the original and appear harmless. Then we have the payload, which is generally the secret message. Then that, using Steganography software, becomes the hidden message. Now, no one, outside of the sender and receiver, should suspect anything.
Because of the digital technology, we can embed a payload in any number of carriers. Closely related to Steganography is a watermark. Now, there are literally hundreds of Steganography tools, some examples include, MP3Stego, which can utilize MP3s, S-Tools, which can use bitmaps, GIFs or WAVs.
An OpenPuff is a professional steganography tool that has a wide of carriers it can use, including PNGs, MP3s or even PDFs. I'm at the command prompt, and we're going to put Jasper as the carrier, with the secret message inside. Alright, that hidden message is now on my desktop, I'll minimize the command line interface, now here it is, and I could change it to anything I want, but we'll just take a look inside.
In order to view this secret message, we'll right click, open with, Notepad, on the top you see it's a JPEG, JFIF, I'll scroll all the way to the bottom, and here we see, this is a secret message. So we can see that, by using a carrier and a secret message, we can hide in plain sight.
These tutorials, along with the other courses featured in the Ethical Hacking series, will prepare students to pass the Certified Ethical Hacker exam and start a career in this in-demand field. Find out more about the exam at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Acquiring passwords
- Generating rainbow tables
- Understanding where passwords are stored
- Defending against privilege escalation
- Understanding spyware
- Protecting against keylogging
- Detecting steganography
- How hackers cover their tracks