On Mon, 2008-06-30 at 12:03 -0400, max wrote:
> Parshwa Murdia wrote:
> > Hi,
> > When I asked for the keylogger in my system, why did people think of illegal
> > activities only? It is MY system, and it is for use only in my system that I am
> > asking. Furthermore, just as one must have knowledge of viruses and only then
> > can he create an antivirus, similarly it is for the knowledge of
> > keyloggers to prevent the thefts.
> > parshwa
>
> If you want to know how to find keyloggers then you might want to look
> at how programs like chkrootkit and rkhunter function. As for installing
> one, well, you'd go about that just like you would any other program.
> There is nothing special about a virus or keylogger; they are programs
> just like OpenOffice or vi. That is why anti-virus programs rely
> heavily on updates: it is very difficult to tell one program from
> another. If there were some magic flag that went up when a program was
> malicious, there wouldn't be a virus problem. They use heuristics as well
> to try to determine if a program is malicious, but programs flagged by
> heuristics are just as likely to be benign as malicious. The best
> solution is to strictly control what is allowed to execute on the
> system. How many programs do you really use on a regular basis?
> --
> Fortune favors the BOLD

I wouldn't say that programs marked by heuristics are just as likely to
be good. The quality of the heuristics continually improves, and they are
much better than that. Typically heuristics are applied to programs and
program errors that remain after other methods have considerably
narrowed the list. I suspect that their accuracy greatly exceeds 95%
these days due to the order of application, and that is improved even
more by some background software applied after the heuristic ID.

Please don't overstate the case. It is hard enough to get people to run
antivirus now.

Regards,
Les H