Alright... gotta get my two centz in here. #Yo out to Bill S... always good advice I'm guessing that with santa's problem it is almost impossible to keep people from putting key loggers onto a system if they have physical access to them. HPFS (Easy to beat) NTFS (Easy to beat) NTFS 5 (Easy to beat) UFS (Easy to beat) FAT (hahahahahhaha) It's all risk assessment Santa. If you don't trust your elves ya gotta pull the floppy, Zip, CD-ROM etc... access. Key loggers are easy to code and can be named whatever you call them. You could however write a simple program to look for all the executable files on your systems and the do a sum of the previous days results to see if there are any changes. Intrusion detection is key to picking this stuff up... its a process you engauge in. Not a capability you will be able to attain. Scoty "It's all about the Pentium" -Wierd Al >From: Bill Stewart <[EMAIL PROTECTED]> >To: "PFSanta Claus" <[EMAIL PROTECTED]>, [EMAIL PROTECTED] >Subject: Re: keyboard loggers. >Date: Mon, 18 Dec 2000 23:23:22 -0800 > >If you have to worry about people installing keyboard logging >programs on your machine without your permission, either >- you're using a public shared machine at a coffeeshop or school > or Kinko's to do things you think need security, or >- you're using your employer's machine, and shouldn't do things > that are inappropriate to do at work, >- you're using your employer's machine, and need a new employer > who trusts his employees instead of feeling compelled > to spy on them, >- you're using your employer's machine, and your employer has > a serious security problem with people trying to crack in at night, >- you're sharing your home machine with a teenager who runs > all sorts of game programs downloaded off the net > or borrowed from friends, viruses and all, >- you've got serious security problems of your own - > if they can sneak in and install programs like that, > they can install anything else they want, > copy your hard disk, probably even steal your hard disk, or >- the paranoids really are out to get you. > >For the shared-machine problem, don't use insecure machines >to do secure stuff. Use disposable email accounts, >American Express one-shot credit card numbers, >and if you must log in to something, use one-time passwords >(either S/Key or SecureID tokens or some similar mechanism.) > >There's been some work done on encryption programs that run >in hand-held computers, whether Palm Pilot things with displays >or JavaRings or smartcards without them. Matt Blaze, Ian Goldberg, >and Martin Minow have done presentations on those topics. > >I'll leave you to figure out employer problems, >and there are professionals who can help with paranoia, >as long as you get to them before the Feds get to you. > >One approach for the teenager problem (or the related problem of >machines for lab use, especially firewall research) >is removable disk drives. You can get disk drive drawers for >IDE/Ultra/DMA/etc for about $20, and spare disks are only $100 or so. >Keep a clean copy for installing software you trust, >password-protected-screensavered to reduce accidents, >and give the kid his own disk to play with, >plus teach him how to reinstall software from CD-ROM >when it gets trashed. It's the computer equivalent of >buying a full-sized beater car for your kid to learn to drive in - >extra weight, airbags, and an exterior you don't care about dents in. > >If the kid has his own machine, and you're sharing a network, >that's more trouble. You'll have to firewall your machine >off from the kid's, or at least mainly run the clean copy >disconnected from the net, and make sure the kid keeps >current virus protection installed and running. > > >At 12:05 PM 12/18/00 -0900, PFSanta Claus wrote: > >Hi, > > I came across your addies in a search off ask Jeeves and thought >perhaps > >due to the way your interests run you might be up on this topic. I'm a >Sr. > >Support Analyst for a large vendor and recently was asked by one of my > >casual internet contacts if there was a way to prevent a "keyboard >logging" > >surveillance program from prevailing on their system and reporting the > >goings on from their keyboard. In an effort to be helpful, I set about my > >normal pattern of research and found that there seems to be a ton of info > >promoting various products, yet there is virtually nothing I could find > >which offers any realistic or reliable countermeasures that can be taken >to > >prevent someone from logging the output from your keyboard. Even the >hackers > >seem to think it isn't a threat to anyone's privacy. Weird... > > > Thanks! > Bill >Bill Stewart, [EMAIL PROTECTED] >PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639 _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com