Re: Key strokes loggerFrom: Meritt James (email@example.com)
- Previous message: Thor@HammerofGod.com: "Item.Send Security Warning"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <3B66EF73.2FD801E6@bah.com> Date: Tue, 31 Jul 2001 13:48:35 -0400 From: "Meritt James" <firstname.lastname@example.org> To: centipede <email@example.com> Subject: Re: Key strokes logger
If auditing is enabled on NT systems, the information which you claim
interest (and NOT passwords) is recorded. (Including failures, of
course!). Enable full (and I mean FULL) auditing for an interval.
Beware of exceeding the disk space available- there is a LOT of data!
Why would you want (as in the original request) passwords associated
> It goes to a host on which I've got the full administrator authority.
> Full access to its Devices, Registry or whatever.
> A remote installation is truly preferable.
> James, to your question, here's the thing:
> I suspect that host to be the source of malicious activity.
> I *DO* suspect a certain user, but I wanna do some research.
> I need to know about every single login, and I'm interested in the
> failures no less than the successes.
> that's about it.
> Meritt James wrote:
> > Well, THAT looks like a less-than-friendly specification! Why do you
> > want such a thing?
> > centipede wrote:
> >> Hello,
> >> I'm looking for a key-strokes logging utility for an NT4.0 host.
> >> It should be stealthy and hopefully capable of logging the log-in
> >> username and password.
> >> Any suggestions ?
> >> thanx
> >> centipede.
-- James W. Meritt, CISSP, CISA Booz, Allen & Hamilton phone: (410) 684-6566