Abstract: The security of computer systems is of major concern to all users. Millions of dollars are spent annually to reduce systems vulnerability. However, a cursory review of published reports reveals that losses due to intentional or unintentional security failures are increasing.|
Hardware v/s Software
earlier, two types of keystroke loggers are in existance. One being hardware,
the other, software. Hardware type keystroke loggers do pose several advantages
over their software counterparts. In addition, there are disadvantages as well.
However, these "minuses" can be very easily overcome provided that physical
installation is done properly and intelligently.
First of all, with
software oriented loggers, actual keystroke capture can only occur when the
operating system as well as the keytrapping software are loaded. Once the
computer shuts down, the keytrapping software is gone as well.
Keyghost II Professional, keystokes are recorded from the time the computer is
powered on until it is powered off even during the time when the operating
system is not activated or when a system failure occurs. Secondly, it is
impossible to detect through software means as 1) No software is required for
the actual monitoring process, and 2) All activity is processed outside the
physical machine inside their internal flash memory.
As this hardware
device does not require HDD or other media storage, there is no longer the risk
of corrupted log files with the cause being failed media. And lastly, the
Keyghost II Professional require only the initial installation and it is
maintenance free operation after that.
The primary drawback is the fact
that if a user comes to know of the device, he or she can easily detach it from
the system, hence the end of all keystroke monitoring. However, the Keyghost II
Professional can be hardwired inside the keyboard, so that it will not be easily
detected and unplugged.
The other "minus" is this. Current designs cannot
redirect keystrokes to a central location. This makes more work for
administrators if an unauthorized access is suspected. Depending on demand,
future developments can rectify this problem. However, there are privacy issues
to be addressed before such development can be considered.
Of course, the
manufacturer has already thought of the potential drawbacks and have released
other products which are even more difficult to detect. But more on that
does it work?
Once the Keyghost II Professional is installed, simply power up
the computer and the device is automatically in operation and keystroke
monitoring begins immediately. It is totally independent of the functioning of
the rest of the computer system and you do not have to wait until the OS is
loaded for the device to work.
Once you wish to recover the keystrokes
(the device MUST be plugged in), load up any text editor (Notepad for example)
and enter in your password. The initial password is set at the factory and is
documented in the manual itself.
The process is actually quite neat. Once
I loaded Notepad, all I had to do was type a password (the Keyghost
automatically monitors for the sequence of characters and checks if it matches
the defined password) and a menu pops up in the text editor window
Do note that the
password MUST be entered without error.
Hitting the backspace or delete key automatically results in an unrecognized
||Use the power of Google to search all of PCSTATS and the PCSTATS Forums. Tell us what you think of this new feature - FEEDBACK?||