View Full Version : Questions about Software Keyloggers
Rmus
April 20th, 2005, 07:31 PM
1) How do they get installed (assuming no one gets physical access to your computer)
2) After installation does the computer have to reboot before the Keylogger program can work?
3) How does the Keylogger program send out its captured information? One article had this:
"A keylogger is software that copies a computer user's keystrokes to a file, which it may send to a hacker at a later time."
How? Outbound through a port? By email?
Thanks,
-rich
Bethrezen
April 20th, 2005, 08:42 PM
hi
let me try to explain
{QUOTE-> 1) How do they get installed (assuming no one gets physical access to your computer) <-QUOTE}
there are a number of methods but usually they would be installed by a hacker remotely through a back door on your system created by a RAT (Remote Access Trojan)
{QUOTE-> 2) After installation does the computer have to reboot before the Keylogger program can work? <-QUOTE}
honestly I don't know but my guess would be no
{QUOTE-> 3) How does the Keylogger program send out its captured information? One article had this: <-QUOTE}
again there can be a number of methods if your infected with a trojan then it could send them through the backdoor created by that trojan or by email mabe or perhaps by some other open port on your computer such the one used by spammers to abuse windows messaging service not to be confused with windows messenger
hope this answered your question
Rmus
April 20th, 2005, 09:15 PM
Thanks for the reply.
Regarding getting installed:
{QUOTE-> There are a number of methods but usually they would be installed by a hacker remotely through a back door on your system created by a RAT (Remote Access Trojan) <-QUOTE}
I suppose that user alertness and a robust firewall are two important safeguards.
About sending out the logged info:
{QUOTE->
again there can be a number of methods if your infected with a trojan then it could send them through the backdoor created by that trojan or by email mabe or perhaps by some other open port on your computer such the one used by spammers to abuse windows messaging service not to be confused with windows messenger <-QUOTE}
A properly configured firewall should prevent the open port possibility, but would probably not prevent other means, such as
1) an SMTP mail program that was attached to the trojan, or
2) Outbound by an application (installed with the trojan) that launches other applications.
---
Rmus
vBulletin® Copyright ©2000-2009, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2009, Wilders Security Forums