Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: randomizing keyboard input

from [Larry Offley] Network Security [Permanent Link]
Subject: Re: randomizing keyboard input
Date: Fri, 14 Sep 2007 18:29:08 -0700
It might slow down non-hardware keyloggers. The thing is there is software that can unrandomize simple letter exchanges. So if I capture a few paragraphs of keystrokes it should be fairly easy (possible even by hand) to determine the correct letter exchanges. Nice Idea but unless you had hardware and software that worked together (like the smart cards that change pins every sec minutes). What you need is keyboard that encrypts the keystrokes and then software reversed it. Again the problem is If i can run software on your system (ie a keylogger) I can probably run anything I want.

Larry Offley
http://security.offley.ca



Cypher wrote: 
alo alo,
  a friend and i have been working on an idea.  We want to create a
framework the randomizes the keyboard input.  heres the basics, we all
know that the theres a keyboard layout, dumpkeys in linux will show you
what there is, what were trying to do is take and make a random
keylayout on boot, then find a way to decrypt this for an applications.
basically, were trying to find a way past keyloggers.  if a keylogger is
logging what you type, but the keylayout is randomized from the keyboard
to application, then the keylogger is no good.  were trying to create a
framework for this but are having some trouble coming up with some
basics on how to remap the keylayout to say the device input of the
keyboard to the output device like the application openoffice. if this
could be accomplished then it would defeat the purpose if keyloggers
since they depend on standard keyboard layouts to decode keyinputs. has
anyone come across an appication or idea like this that would be of
help?  or even just some thoughts that would lead us in the right
direction would be greatly appreciated.  thank you all for your time.




------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Technitium MAC Address Changer v4.7 Released, Shreyas Zare
Next by Date:  Re: Wiping Solaris Servers, Bill Stout
Previous by Thread:  randomizing keyboard input, Cypher
Next by Thread:  Re: randomizing keyboard input, Jerome Athias
Indexes:  [Date] [Thread] [Top] [All Lists]