02-18-2008, 07:36 PM   #1
theunixwizard

Linux Keylogger

I was wondering if there is any type of keylogger for Linux.
I have been noticing weird things on my computer, such as C apps that I didn't build and weird files in /tmp. I think that it is one of my users.
 
02-18-2008, 07:42 PM   #2
pljvaldez

If I search through the Debian repositories, it looks like there's one named lkl, but I've never used it.

A quick google also yielded uberkey and THC-vlogger.

But I prefer hardware keyloggers because they work on any OS and are easily overlooked. You can buy a good one for like $100.

02-18-2008, 08:17 PM   #3
OlRoy

What about checking the .bash_history file?
 
02-19-2008, 08:00 AM   #4
unSpawn

Quote:
Originally Posted by theunixwizard
I have been noticing weird things on my computer, such as C apps that I didn't build and weird files in /tmp.

Collateral like that could point to a breach of security. I'd appreciate it if you could give more specific names ('ls -alZ' or 'stat' the files). To make certain, you'd best review which users have logged on, check your logs, what processes are running, what files and connections are open and verify the integrity of your machine. If you want a checklist you could use the Intruder Detection Checklist (CERT): http://www.cert.org/tech_tips/intrud...checklist.html. Post anything that looks weird (preferably in BB code tags).

If your box appears to be clean then you do not want a keylogger, you want to take away opportunities for people to do mischief and log whatever is going on (aka basic hardening and auditing). Whatever that means depends on how the machine is attached to the network, what services it provides and who is allowed to access. Before hardening you have to make certain the box is clean though, else it makes no sense.
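
One way to start the file review suggested in the last reply, as an added example that is not part of the original thread: it lists compiled (ELF) binaries under a directory such as /tmp with owner, mode and modification time, then counts them per account. The function names are illustrative, and GNU coreutils (`stat -c`, `head -c`) are assumed.

```shell
#!/bin/sh
# Added example: list compiled (ELF) binaries under a directory such as /tmp,
# with owner, mode and modification time, as a first triage step.
# Assumes GNU coreutils (stat -c, head -c); function names are illustrative.

# list_elf_files DIR
# Prints one line per regular file whose first four bytes are the ELF magic
# (7f 45 4c 46): owner, octal mode, modification time, path.
# -xdev keeps find on one filesystem; -exec ... {} + copes with odd file names.
list_elf_files() {
    find "$1" -xdev -type f -exec sh -c '
        for f in "$@"; do
            magic=$(head -c 4 "$f" 2>/dev/null | od -An -tx1 | tr -d " \n")
            if [ "$magic" = "7f454c46" ]; then
                stat -c "%U %a %y %n" "$f"
            fi
        done' sh {} + 2>/dev/null
}

# count_by_owner DIR
# Summarises the same findings as "<count> <owner>" per account.
count_by_owner() {
    list_elf_files "$1" | awk '{ n[$1]++ } END { for (u in n) print n[u], u }'
}

# Run against the directory given on the command line, e.g. ./script.sh /tmp
if [ "$#" -gt 0 ]; then
    list_elf_files "$1"
    echo "--- binaries per owner ---"
    count_by_owner "$1"
fi
```

Run it as root so unreadable files are not silently skipped, and compare the owners and timestamps it reports against the login records and logs mentioned above.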