[FireLion] Anti Keyloggers Test version

hello all,
We are going to release a new Anti Keyloggers and need your help to test the application.
Here is the test version and it will be different (GUI) in the 1.0 version.

Please check more informations here: http://the-best-soft.com/forum/viewtopic.php?f=18&t=30&p=35#p35

and give us your suggestions.

Thanks for your time.

 

Ok cool program seems to catch keyloggers, it passes the AKLT.exe test(s). You think you can add feature to stop screenshots or captures? Faststone Capture is able to capture screen shots with no prompts.

 

of course YES. We're adding ALKT screenshot #2 test.
Please check this topic to see what we are doing:
http://the-best-soft.com/forum/viewtopic.php?f=20&t=29

 

Looks interesting. Any idea if you'll be putting out a version that doesn't need to be installed? I'm still looking for a good anti-keylogger that can be run off a usb flash drive and can pass most if not all of the AKLT tests. Please consider making one that can be run off a portable flash drive as well.

 

hi Blue Ring,
Your idea is a good idea. We can make a portable version but you still need Administrator rights to load the driver. How do you think ?
The Test version I posted above can run on your flash drive without any installation. You can check it and tell me the problems if it has

 

It seems there is not anyone else interested in Anti Keyloggers application ?

 

Well, keyloggers don't worry me (policy-based sandbox + common sense)

 

Many people here are worried about keyloggers, just be patient Hoang

 

@lucas1985: In some cases, sandbox does not help much and you maybe forgot to clear your sandbox before typing sensitive informations.
@AJohn: Yeah, but it seems most of users wait for final product ) ? There is not any comments else.

 

Sandboxie can be configured to stop any outbounds except for your browser.

A sandboxed keylogger may be able to log but it can't send the info out.

Never the less there is always room for a decent anti-keylogger.

 

I already have software for keylogging, but many do not. Maybe you are right about them waiting for a final

 

Lots of people are interested ... it just takes time for them to jump on ....

 

How can Sandboxie be so configured? - thanks!

 

Personally I'd rather have a virus destroy my drive than a keylogger getting the info about my banking activities.

Of all Malware keyloggers scare me the most.

 

My sandbox is very good against keyloggers. It blocks most of the keylogging techniques. Also, my sensitive information is inside Truecrypt containers and I have rules in my sandbox (GeSWall) to deny access to folders and volumes marked as confidential.

Never. A bit of discipline is necessary.
If you want maximum protection, a Linux LiveCD and a VPN to a trusted endpoint is your best bet against keylogging, snooping and eavesdropping. Only a hardware keylogger might capture something.

 

man, we're not talking about *nix or other OSes here.
And if you have the best system, feel free to tell LM1 how to config it.

 

Hi,

Looks like a nice tool, it passed all the tests (AKTL.exe), great job. On my VM it didn´t seem to cause any problems with my other security tools installed, but I need to test this more. And why isn´t there more interest? Well, perhaps because not a lot of people know your company yet, the tool isn´t finished (no GUI), and it´s not freeware. This is just my guess.

 

It can be set through SB's gui or you can manually edit the ini file by adding the lines below.

Replace firefox with the browser you will sandbox and don't forget to hit "Reload Config" after a manual edit.

Code:

ClosedFilePath=!firefox.exe,\Device\Afd*
ClosedFilePath=!firefox.exe,\Device\Tcp
ClosedFilePath=!firefox.exe,\Device\Udp
ClosedFilePath=!firefox.exe,\Device\RawIp

Set through the gui

 

Well, Linux has evolved greatly, so much that a noob like me can use it without too much difficulty.

A good starting point is this Wiki at Castlecops. Using a VPN has become relatively user-friendly recently. Then, researching a bit on encryption (the TrueCrypt docs are a good starting point) and having a security setup place round a very balanced and strong protection.

 

Hi,

@ The developer

Can you perhaps explain why AK needs to do the following things:

1 Have "Direct access to memory"
2 Have "Low level keyboard access"
3 Install 2 hooks

Actually, I can imagine why it needs to do these things, but the strange thing is that even if you block all this stuff, it still manages to work correctly. Even worse, it´s able to completely bypass SSM and NG when it comes to the driver loading part! When I try to run it via Sandboxie, the system freezes. TF tries to put up a fight but also fails to stop it. Can anyone test this tool against other HIPS?

 

FireLion does not work unless the above features are allowed.

 

Well, that´s my problem, on my VM it seems like eventhough certain things are blocked, it continues to work correctly (keylogging is stopped), so either it only needs the driver (which can´t be blocked by the HIPS that I tested) or HIPS can´t block a single thing that AK tries to do, eventhough they report blocking this stuff. I´m worried that this tool has actually exposed some bugs in certain HIPS, or it might be some conflict on my system. And that would be another prove why it´s not wise to run several HIPS/security tools together.

 

can you tell me what HIPS did you test ? I'll try that software and have some solution for this.

 

He tested SSM and NG

 

I've just tested with System Safety Monitor. When SSM asked me to create rule for AntiKeylogger. I added and everything worked correctly. ALTK does not work anymore.