Reconnaissance and Surveillance: Keyloggers


Author: cyberwriter | Published on October 16, 2018 | Views: 1269

An important tool for reconnaissance and surveillance, the keylogger is a program that records keystrokes on a device and maps them to a log. By reviewing this log, one can collect a wide range of useful and important information. As users enter their login credentials or other sensitive information into their keyboards, the keylogger collects this input. It does so in a way that the information can be found and extracted.

How is a keylogger installed?

Many programs offer keylogging functionality, from old-school Linux terminal applications like LogKeys to advanced programs with graphical interfaces and paid features. Whichever program is used, the function is the same: collect and store keystrokes. With physical access, these programs can be installed simply and indiscreetly from the internet, but a skilled user could even install keyloggers remotely. This is done through compromised networks, remote access, phishing, and other methods of spreading malware.

As for how a keylogger is used, the process is simple: enable the keylogger and collect information from its output in the log file. By configuring the program, you can choose where the log is stored, how frequently the keylogger is active, which keywords to scan for, and several other secondary features. As with many other tools, the keylogger can be used for both malicious and beneficial purposes.

How can a user protect themselves from keyloggers?

Protection from keyloggers is accomplished in a few ways.

  1. Prevent keyloggers from being installed.
  2. Detect keyloggers already installed on a device.
  3. Remove keylogging programs from devices entirely.

Specialized software has been designed to detect keyloggers on computers, but detection can also be done manually. A user can block all applications from communicating over the network, making exceptions for pre-approved applications. This is known as whitelisting. A user could also use network monitoring programs like Wireshark to detect programs communicating data to unknown devices.
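The manual check described above can be scripted. The following is an added example, not part of the original article: it parses output in the format printed by `ss -tunp` on Linux and reports connections whose owning program is not on an allowlist, noting whether the peer lies outside the known networks. The sample output, program names, allowlist and network range are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample in the format printed by `ss -tunp` (not real data).
SAMPLE_SS_OUTPUT = """\
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
tcp ESTAB 0 0 192.168.1.20:51514 192.168.1.1:53 users:(("systemd-resolve",pid=612,fd=14))
tcp ESTAB 0 0 192.168.1.20:44310 203.0.113.45:443 users:(("firefox",pid=2210,fd=88))
tcp ESTAB 0 0 192.168.1.20:39822 198.51.100.7:8080 users:(("kbd-helper",pid=4021,fd=5))
tcp ESTAB 0 0 192.168.1.20:39100 192.168.1.50:22 users:(("ssh",pid=3050,fd=3))
udp ESTAB 0 0 192.168.1.20:50000 198.51.100.9:123
"""

# Assumed policy: programs approved for network use, and networks treated as known.
ALLOWED_PROGRAMS = {"systemd-resolve", "firefox", "ssh"}
KNOWN_NETWORKS = [ipaddress.ip_network("192.168.1.0/24")]
PROC_RE = re.compile(r'users:\(\("([^"]+)",pid=(\d+)')


def parse_connections(ss_output):
    """Yield (program, pid, peer_ip, peer_port) for each connection line."""
    for line in ss_output.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 6:
            continue
        peer_ip, _, peer_port = fields[5].rpartition(":")
        try:
            peer = (ipaddress.ip_address(peer_ip.strip("[]")), int(peer_port))
        except ValueError:
            continue  # unconnected sockets are shown with a "*" peer
        match = PROC_RE.search(line)
        program, pid = (match.group(1), int(match.group(2))) if match else (None, None)
        yield program, pid, peer[0], peer[1]


def review(ss_output):
    """Return findings for connections that fall outside the allowlist."""
    findings = []
    for program, pid, peer_ip, peer_port in parse_connections(ss_output):
        if program is None:
            reason = "owning process not visible (run ss as root)"
        elif program not in ALLOWED_PROGRAMS:
            reason = "program not on allowlist"
        else:
            continue
        known_peer = any(peer_ip in net for net in KNOWN_NETWORKS)
        findings.append((program, pid, str(peer_ip), peer_port, known_peer, reason))
    return findings
```

On a live system, pass the text captured from `ss -tunp` to `review()` in place of the sample; each finding gives the process ID to investigate.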

While a variety of keylogging tools is available, keyloggers fall into two categories: software and hardware. The keyloggers just described are software keyloggers. However, there also exist physical devices that can record keypresses. These may be:

  1. Faux connectors between the keyboard and the PC
  2. Devices installed directly into keyboards
  3. Or wireless devices that can detect and reveal keypresses sent between a PC and a wireless keyboard.

Beyond the method of how the individual keyloggers work, it is important to know about each tool, how to it, and how to prevent their installation.
