Automated hardware keylogger detection

[Jock Forrester]

Hi all

I am working on a project to secure workstations from software and
hardware key loggers. The company is looking at implementing a solution
called Safend Protector
(http://www.safend.com/65-en/Safend%20Protector.aspx) as it claims that it
can detect hardware key loggers (PS2 and USB).

- Does any one have any experience with the product?
- Does it detect hardware key loggers, I was under the assumption that
in-line PS2 keyloggers are undetectable by the PC?
- Are there other products that can detect hardware and software keyloggers?

Thanks for your input.

Cheers
Jock

[Frans Sauermann]

Hi Jock
On the software side, I suppose it will do the same job as anti-
spyware etc.

On the hardware side.. I think it could be possible to pick up USB
keyloggers, since they have to match up the drivers of the keyboard.
For PS2 keyloggers.. I can't think of a technical means that makes
this possible.

I've had experience with PS2 keyloggers, and one method of picking up
a keylogger is typing the default passwords on them.. "keykatch" etc.

[Riddler]

Websense incorporate's Safend for their endpoint security solution as
part of CPS.
As far as i know you would need to authorise external device's for use
based on serial numbers via the management console.

[Hendrik Visage]

On 8/14/07, Frans Sauermann <franssa...@gmail.com> wrote:
>
> Hi Jock
> On the software side, I suppose it will do the same job as anti-
> spyware etc.
>
> On the hardware side.. I think it could be possible to pick up USB
> keyloggers, since they have to match up the drivers of the keyboard.
> For PS2 keyloggers.. I can't think of a technical means that makes
> this possible.

Personally I'm asking: The best/correct hardware keylogger should not
be detectable, and
to do that it should be transparent and only sniff and pass on the
bits received on the one side straight to the otherside. Now the only
way then to "Detect" it would be to measure impedance/resistance etc.
on and electronic level...

Or am I missing something else?

>
> I've had experience with PS2 keyloggers, and one method of picking up
> a keylogger is typing the default passwords on them.. "keykatch" etc.
>
>
> >
>

--
Hendrik Visage

[Andrew]

On Aug 13, 5:21 pm, "Jock Forrester" <j...@forrester.co.za> wrote:
> - Does any one have any experience with the product?
> - Does it detect hardware key loggers, I was under the assumption that
> in-line PS2 keyloggers are undetectable by the PC?
> - Are there other products that can detect hardware and software keyloggers?

Try DeviceLock (www.pretect-me.com). The current version can detect
USB keyloggers and the new version (which is available as beta right
now) can also protect you from PS/2 keyllogers.

[Ian Melamed]

Hi Jock

 

According to the Electronic Engineers that I had on a project to detect hardware keyloggers inserted between the keyboard and the PC so far automatic detection was not a viable solution from the PC/Netwrok side. Using camera equipment to detect activity in specific areas and then reviewing alerts helps. Dara leakage is a growing problem in South Africa and if anyone comes up with a solution to hardware keyloggers inserted between keyboard and PC please please shout.

 

Regards

 

Ian Melamed

 

[Phil]

Hi Ian

I am shouting. The Safend solution has been proven in numerous local
and international implementations to eliminate the risk from hardware
keyloggers (both USB and PS2). Contact Magix (local Safend
distributors) on safend at magix.co.za for more information.

> > Hendrik Visage- Hide quoted text -
>
> - Show quoted text -

[Hendrik Visage]

On 8/16/07, Phil <phillip...@yahoo.co.uk> wrote:
>
> Hi Ian
>
> I am shouting. The Safend solution has been proven in numerous local
> and international implementations to eliminate the risk from hardware
> keyloggers (both USB and PS2). Contact Magix (local Safend
> distributors) on safend at magix.co.za for more information.

Well... the site doesn't want to do much inside Galeon on a x86_64 machine :(

--
Hendrik Visage

[rob hunter]

more than likely a silly question, but did you try http://magix.co.za or http://www.magix.co.za?

tried with internet destroyer and firefox on win32, and firefox on FreeBSD with success

[Hendrik Visage]

On 8/16/07, rob hunter <rob.hu...@gmail.com> wrote:
> more than likely a silly question, but did you try http://magix.co.za

YEs, blank/not found/etc.

> or
> http://www.magix.co.za?

TRied it next, brought up a nice animation, nothing worked after that
as flash on 64bit doesn't gel....

>
> tried with internet destroyer and firefox on win32, and firefox on FreeBSD
> with success
>
>
> >
>

--
Hendrik Visage

[Craig Geel (ZA)]

Would anyone like there phone number and a contact person?

Just a thought!

This message was sent using a mobile device.

YEs, blank/not found/etc.

> or
> http://www.magix.co.za?

--
Hendrik Visage

This email and all contents are subject to the following disclaimer:

"http://www.dimensiondata.com/emaildisclaimer.htm"

[Ian Melamed]

This looks like advertising a product - this is not the objective

 

Ian

 

Please stop shouting!!!!

 

On 8/16/07, Phil <phillip...@yahoo.co.uk> wrote:

[cisspchef]

Onw word

SUPERGLUE.

[Phil]

I'm confused. You asked for anyone with a solution to let you know, i
did ?

On Aug 17, 10:44 am, "Ian Melamed" <iansh...@gmail.com> wrote:
> This looks like advertising a product - this is not the objective
>
> Ian
>
> Please stop shouting!!!!
>

> > > - Show quoted text -- Hide quoted text -

[Craig Geel (ZA)]

If I recall a solution was asked for and the request was "please shout"
Kind Regards,

Craig Geel
Dimension Data - Security Solutions Architect
Tel: +27 (0) 31 204 8524
Mobile +27 (0) 78 456 0532
eMail: craig...@za.didata.com
Web: www.dimensiondata.com

-----Original Message-----
From: Whiteha...@googlegroups.com
[mailto:Whiteha...@googlegroups.com] On Behalf Of Phil
Sent: 17 August 2007 12:39 PM
To: WhitehatAfrica
Subject: [WhitehatAfrica] Re: Automated hardware keylogger detection