View the Most Wanted LQ Wiki articles.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 02-18-2008, 07:36 PM   #1
Registered: Feb 2008
Distribution: Ubuntu,Fedora,PC-BSD,FreeBSD
Posts: 116

Rep: Reputation: 15
Post Linux Keylogger

I was wondering if their is any type of Keylogger for Linux
I have been noticing weird thing's on my computer such as C apps that I didn't build and Weird file's in /tmp. I think that it is one of my user's
Old 02-18-2008, 07:42 PM   #2
LQ Guru
Registered: Dec 2005
Location: Somewhere on the String
Distribution: Debian Wheezy (x86)
Posts: 6,094

Rep: Reputation: 269Reputation: 269Reputation: 269
If I search through the debian repositories, it looks like there's one named lkl, but I've never used it.

A quick google also yielded uberkey and THC-vlogger.

But I prefer hardware keyloggers because they work on any OS and are easily overlooked. You can buy a good one for like $100.

Last edited by pljvaldez; 02-18-2008 at 07:46 PM.
Old 02-18-2008, 08:17 PM   #3
Registered: Dec 2002
Posts: 304

Rep: Reputation: 86
What about checking the .bash_history file?
Old 02-19-2008, 08:00 AM   #4
Registered: May 2001
Posts: 28,886
Blog Entries: 55

Rep: Reputation: 3356Reputation: 3356Reputation: 3356Reputation: 3356Reputation: 3356Reputation: 3356Reputation: 3356Reputation: 3356Reputation: 3356Reputation: 3356Reputation: 3356
Originally Posted by theunixwizard View Post
I have been noticing weird thing's on my computer such as C apps that I didn't build and Weird file's in /tmp.
Collateral like that could point to a breach of security. I'd appreciate it if you could give more specific names ('ls -alZ' or 'stat' the files). To make certain, you best review what users have logged on, check your logs, what processes are running, what files and connections are open and verify the integrity of your machine. If you want a checklist you could use the Intruder Detection Checklist (CERT): Post anything that looks weird (preferably in BB code tags).

If your box appears to be clean then you do not want a keylogger, you want to take away opportunities for people to do mischief and log whatever is going on (aka basic hardening and auditing). Whatever that means depends on how the machine is attached to the network, what services it provides and who is allowed to access. Before hardening you have to make certain the box is clean though, else it makes no sense.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
keylogger? |2ainman Linux - Security 4 08-21-2013 04:48 AM
lkl (linux keylogger) and wireless usb keyboards fakie_flip Linux - Software 6 10-23-2010 07:33 AM
Linux keylogger roclok Linux - Software 61 03-08-2010 09:47 AM
Linux Suse Keylogger THE_MASK Linux - Software 1 12-17-2007 09:04 PM

All times are GMT -5. The time now is 01:20 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration