|
Posted by S. Pidgorny on June 19, 2005, 9:30 pm
Please log in for more thread options Some vendors os SSL VPN do claim that they'll detect keyloggers - but they
require admin rights to inspect and still I find those claims hard to
believe. And, in a hostile environment you might have hardware key loggers
inside the system case!
I hvent checked yet but attaching own keyboard (usb/bluetooth) might be a
good option, as most key loggers don't pick up secondary keyboards while
running
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-
> if they are your machines and you are the administrator, the only way to
be
> sure is to lock the machines down yourself. This includes BIOS passwords
so
> that users can't boot from CDs etc. Physical access is a huge risk. Then
> the OD must be locked down. Depending on the environment, you may want to
> create software restriction policies. Strong AV and such are important
too.
> Assuming that no one is given administrator privileges, a properly
> configured workstation will stay clean. There is no single tool or trick
to
> make sure you are safe. Defense in depth....
>
> If any machine is suspected in the least, wipe it. You can boot from a
> Linux or winXPE CD and get data off. That way you know the OS is clean.
>
> Cheers,
>
> --
> Mark Gamache
> Certified Security Solutions
> http://www.css-security.com
>
>
>
> > Hello All,
> > I have a public environment and usually when i troubleshoot the area I
log
> > onto local ws as Administrator. Is there a way of telling if keyloggers
> > have been installed on workstations? How do I know that my administrator
> > account for the local ws is not being compromised?
> >
> > TIA,
> > Altria
> >
>
>
| 
XML Sitemap