password cracking and Key logger | PPTX
Prepared By: Dabhi Pragnesh M. (140760109005)
Guided By: Prof. Richa Mali
Index
 Password cracking
 Key logger and spyware
Password Cracking :
• What is Password?
• Password Cracking Concepts
• Types of Password Attacks
• Application Software Password Cracking
• Hardening the password
What is a Password?
• A string of characters used for authentication and logging on
to computers, web applications, software, files,
networks, mobile phones, and your life
• Comprises:
[a-zA-Z, 0-9, symbols, space]
Password Characteristics
• Not too short
• No birthday, phone number, real name or
company name
• Don’t use complete words or Shakespeare
quotes
▫ Example:
▫ Hello123: Weak
▫ @(H311l0)@: Strong
▫ Easy to remember, hard to guess
Password Security
• Don’t reuse your old passwords
• Don’t use your work or private email for every
website registration, such as games,
news, etc.
Password Cracking Concept
• Guessing or recovering a password
• Gaining unauthorized access
• Recovering a forgotten password
• A penetration testing step (e.g. for networks and
applications)
Types of Password Attacks
 Dictionary Attack
 Brute Force Attack
 Rainbow table attack
 Phishing
 Social Engineering
 Malware
 Offline cracking
 Guess
Password Cracking Types: (Guessing Technique)
I have tried many friends' houses and even some companies where the
password was still the default, admin, admin. (Using guessing
techniques)
Password Cracking Types: (Phishing)
Password Cracking Types: (Social Engineering)
 Sometimes very lazy but genius non-IT geeks can guess or find out your password
Password Cracking Tools
 Brutus
Remote online cracking tool, Windows-based, free, supports HTTP, POP3, FTP, SMB, etc., with a resume/pause
option. No recent updates, but still top-ranked.
 RainbowCrack
Hash cracking tool, Windows/Linux based, faster than a traditional brute force attack; compares both plaintext
and hash pairs. Commercial and free versions.
 Wfuzz
Web application brute forcing (GET and POST), checking for SQL, XSS, LDAP, etc. injection
 Cain and Abel ***
A few of its password cracking features: Syskey Decoder, VNC Password Decoder, MS SQL, MySQL and Oracle
password extractor, Base64, Credential Manager Password Decoder, Dial-up Password Decoder, PWL Cached
Password Decoder, RainbowCrack-online client, Hash Calculator
 John the Ripper
Offline mode, Unix/Linux based, automatic hash type detection, powerful, contains several built-in
password crackers
 THC Hydra
Dictionary attack tool for many databases and over 30 protocols (e.g. FTP, HTTP, HTTPS, etc.)
 Medusa
 AirCrack-NG
WEP and WPA-PSK key cracking, faster than other WEP cracking tools
 OphCrack
 L0phtCrack
Password Cracking Types: (Offline Cracking)
 We have enough time to break the password
 Usually takes place for big data
 Or for very strong and complicated passwords
 After an attack
 Forensics investigation
Password Hardening
 Techniques or technologies which make life difficult for an attacker, cracker or any other malicious
user
 Brings in a password policy
 Increases the level of web, network, application and physical access control in the
company or organization
 Using biometric technologies such as fingerprint, eye detection, RFID tag
cards, etc.
 All the security solutions just make it more difficult. Harder, but possible
Password Cracking Depends on
 Attacker's strengths
 Attacker's computing resources
 Attacker's knowledge
 Attacker's mode of access [physical or online]
 Strength of the passwords
 How often do you change your passwords?
 How close are the old and new passwords?
 How long is your password?
 Have you used every possible combination: letters, numbers and special characters?
 How common are your letters, words, numbers or combinations?
 Have you used strings followed by numbers or vice versa, instead of mixing them
randomly?
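As an added illustration (not part of the original slides), the Python checker below applies the rules from the Password Characteristics slide and the questions on this slide: minimum length, personal information, dictionary words, character-class mix, a word simply followed by digits, and closeness to an old password. The word list, the personal tokens and the 10-character minimum are constructed assumptions.

```python
import difflib
import re

# Constructed stand-ins for a real dictionary and a user's profile
# (name, birth year, company); not taken from the slides.
COMMON_WORDS = {"hello", "password", "welcome", "admin", "shakespeare"}
PERSONAL_TOKENS = {"pragnesh", "1995", "acme"}
MIN_LENGTH = 10  # assumed policy value


def classes_used(pw):
    """Number of character classes present: lower, upper, digit, symbol/space."""
    patterns = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
    return sum(bool(re.search(p, pw)) for p in patterns)


def password_findings(pw, old_passwords=()):
    """Return the list of slide rules the password violates (empty = none)."""
    findings = []
    low = pw.lower()
    if len(pw) < MIN_LENGTH:
        findings.append("short")
    if any(token in low for token in PERSONAL_TOKENS):
        findings.append("personal-info")
    if any(word in low for word in COMMON_WORDS):
        findings.append("dictionary-word")
    if classes_used(pw) < 3:
        findings.append("few-classes")
    # Letters followed by digits (or vice versa) instead of mixing them.
    if re.fullmatch(r"[A-Za-z]+[0-9]+|[0-9]+[A-Za-z]+", pw):
        findings.append("word-then-digits")
    # New password too close to an old one (similarity ratio >= 0.8).
    for old in old_passwords:
        if old and difflib.SequenceMatcher(None, old.lower(), low).ratio() >= 0.8:
            findings.append("close-to-old")
            break
    return findings


def rate(pw, old_passwords=()):
    """Collapse the findings into the slide's two labels."""
    return "Strong" if not password_findings(pw, old_passwords) else "Weak"


if __name__ == "__main__":
    for candidate in ("Hello123", "@(H311l0)@", "admin"):
        print(candidate, rate(candidate), password_findings(candidate))
```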
Key logger and spyware
Define Key logger
Hardware Examples
Software Examples
Prevention
What is Keylogging?
Keystroke logging
A program or hardware device that captures every
key press on the computer
Used to monitor employee performance
Used to steal private information
Malicious Uses…
Besides being used for legitimate purposes,
keyloggers can be hardware installed to a computer
or software that is used to collect sensitive
information.
The types of sensitive information include:
Usernames & Passwords
Credit Card Numbers
Personal Information such as Name, Address, etc.
Keylogging Hardware...
These small devices plug in between the end of
the keyboard cable and the port on the computer and look
rather unassuming.
At a later time the person who installed the
keylogger can come back to retrieve it. They are
easily removed.
Source:
http://epic.org/privacy/dv/keylogger_hw.gif
Software…
There are hundreds of keylogger programs
available over the internet for download.
There are three ways for an attacker to install the
software on an unsuspecting computer.
1. Install it from a compact disc or floppy disk.
2. Package the software as a computer virus or
trojan horse.
3. Gain access to the computer over a network and
install surveillance software remotely.
Viruses…
A simple search of a virus encyclopedia shows 500
examples of keylogging malware.
Prevention…
There are several ways to prevent Keyloggers:
• Anti-Virus/Spyware & Firewalls
• Automatic Form Fillers
• Alternative Keyboard Layouts
• On screen Keyboards
Anti-Virus/Spyware &
Firewalls...
As with any virus or spyware, you should make sure
that you have up-to-date protection.
Anti-Virus:
Make sure it’s running and using the latest virus
definitions.
Anti-Spyware:
Same as your Anti-Virus software, update regularly.
Firewall:
Make sure it’s active. It’s the first line of defense
from online intrusions.
AutoForm Fillers…
A common feature of Web Browsers including
Internet Explorer and Firefox.
Works against keyloggers but vulnerable to other
security breaches.
Alternative Keyboard
Layout...
Alternative keyboards make captured keystrokes
look like nonsense
You can customize your own board with Microsoft
Keyboard Layout Creator
On Screen Keyboards...
Software based keyboards are not very effective.
Clicks are converted back to keystrokes.
On Screen Keyboards...
Web-based Keyboards offer more protection and
are often found in online games.
Summary...
Key Loggers record keystrokes:
• Legitimate use: Monitor employee productivity
• Illegal uses: Steal passwords, usernames, and
other personal/corporate data
There are ways to protect yourself:
• Be aware of what’s installed on your computer
• Use caution when surfing the internet
• Keep your computer’s security software
updated

Editor's Notes

  • #12 Using Fake pages or application
  • #19 Keystroke logging (often called keylogging) is a diagnostic tool used in software development that captures the user's keystrokes. It can be useful to determine sources of error in computer systems and is sometimes used to measure employee productivity on certain clerical tasks. Such systems are also highly useful for law enforcement and espionage—for instance, providing a means to obtain passwords or encryption keys and thus bypassing other security measures. However, keyloggers are widely available on the Internet and can be used by private parties to spy on the computer usage of others. Source: Wikipedia
  • #20 People who install keyloggers are interested in your information. Once they have it they can steal your identity and ruin your credit which can then take years and money in order to clear your name. People may also install these devices for commercial espionage to steal a company’s plans for a new product.
  • #21 Because your keyboard plugs in the back of your machine, a device like this can go unnoticed for a long time and can even look like they belong there. The only obstacle for the person installing the hardware is getting access to your computer. Depending whether or not the computer is in a public place it could be rather easy.
  • #22 Installing from a disk is the hardest way for an attacker to install the software, like with the hardware, they have to have physical contact with a users machine.
  • #23 Installing a Keylogger via virus or trojan horse is an effective and easy way to deliver the program. It could be installed and running on your computer without you even knowing.
  • #25 Most computers come with demo’s of Anti-Virus software and allow you to purchase a license for a full version. Free protection is also available for download, such as AVG Free. Most come with an automatic update feature to keep you current. As with Anti-Virus Software you can buy or download free versions of Ant-Spyware, sometimes called Anti-Malware. Free utilities include Windows Defender and Ad-Aware. A firewall's basic task is to control traffic between computer networks with different zones of trust. Windows comes with a firewall utility and others, such as ZoneAlarm, can be downloaded for free. Firewalls keep intruders out.
  • #26 Internet Explorer and other web browser come with the option to complete forms, usernames and passwords automatically. Although this is good at preventing keyloggers from viewing your information, there are other ways people can access information stored by the autoform feature.
  • #27 Because most keyloggers expect you to be using the standard keyboard, using an alternative layout will make the data any keylogger intercepts as gibberish, unless they can convert it.
  • #28 Software not 100% effective because most of these programs convert the mouse click into a keyboard event message that must be sent to the external target program to type text, like the version that comes with Windows XP.
  • #29 Web-based on-screen keyboards may provide some degree of protection. The game Maple Story uses a 4-digit Pin Code secured by both on-screen keyboard entry and a randomly changing button pattern; there is no real way to get the latter information without logging the screen and mouse movements; another MMORPG called RuneScape makes a similar system available for players to protect their in-game bank accounts with. Source: Wikipedia