Anti-logger and key scrambler for Linux?

Discussion in 'all things UNIX' started by lucygrl, Dec 5, 2013.

Thread Status:
Not open for further replies.
  1. lucygrl

    lucygrl Registered Member

    Joined:
    Nov 6, 2013
    Posts:
    202
    Is there a good Anti-logger and key scrambler for Linux?
     
  2. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,459
    Not that I know of, but such things aren't really necessary at the moment. There is no ITW malware for Linux that presents a significant threat, and an attacker with direct control of your desktop could probably bypass such measures anyway.
     
  3. guest

    guest Guest

    Would an anti-logger software work in Linux systems though?
     
  4. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,459
    Not sure. I know Linux is actually pretty vulnerable to keylogging, once an attacker has arbitrary code execution; the problem for the attacker is that achieving arbitrary code execution is usually nontrivial (unless you're running outdated applications or something).
     
  5. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Completely unnecessary (even on Windows).
    Mrk
     
  6. guest

    guest Guest

    In my case, I'll have to agree with this. No need to block a specific type of malware if I can block everything. :cool:
     
  7. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    There are only a very few known pure keyloggers designed for Linux.
    Even in my cloud collection of *Nix malware for research purposes, there are only 9 keyloggers, and all are not functional on every kernel and distro.
    Moreover, keyloggers are often a part or a module of rootkits, which represent a more statistical threat for the Linux environment.
    So yes, as Mrk said in his radical style, unnecessary.
    A threat Omega does not automatically require an anti-Omega medicine...
    This is not always a good approach in security... as the first step on every OS should be, and in the *Nix world must be, system hardening.
    Kernel patches like GRSecurity help to mitigate the impact of zero-day exploits by reducing the privilege escalation attack surface, and in this way, attacker career opportunities (to be root or not to be, that is often the question).
    The GRS patch, for instance, denies access to /dev/kmem, preventing most common kernel rootkits.
    As AVs are useless on Linux, the detection of keyloggers can be done by pattern file matching with tools like RKHunter or Chkrootkit, or by file integrity checking with Samhain HIDS.
    More reliable is detection via forensic memory analysis, with frameworks like Volatility, which includes special keylogger plugins.
    System hardening also means using a virtual keyboard that comes with some distros and desktops like Gnome, that can be installed like Florence, well known in France, or even via a Firefox add-on.
    Keyloggers are interesting for stealing passwords and gaining more privileges, but they are not widely used, unlike rootkits, backdoors and sniffing.

    rgds
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    They already don't work well on Windows, there's no support for them on Linux. And with XKeylogging it would be very funny to see someone try.
     