Solved

LKL Keylogger isn't creating the logfile.

Posted on 2008-10-08
11
5,040 Views
Last Modified: 2013-11-15
I am using Ubuntu 8.04 Hardy Heron.

I have used the package manager to install LKL (-- Linux Key Logger vers 0.1.1 --
)

It is running, and I have managed to get the keymap to work also.

The problem I am having is that the log file, in this case - keylog.txt is not being created!!
The application shows no errors at all. My system resources even go up when I begin the logging and come down again when I kill it. Below's a copy of my terminal's output.

Any assistance would be LOVELY.

P.S. I'm not hellbent on using LKL, it just seems to be a popular choice.
root@Rambo:~# lkl;

-- Linux Key Logger vers 0.1.1 --
      usage:
            -h this help
            -l start to log the 0x60 port (keyboard)
            -b Debug Mode.Perhaps it's usefoul :P
            -k <km_file> set a keymap file
            -o <o_file> set an output file
            -m <email> send logs to <email> every 1k
            -t <host> hostname for sendmail server. default is localhost

Example: lkl -l -k keymaps/it_km -o log.file

root@Rambo:~# lkl -l -k /usr/share/lkl/keymaps/us_km -o ~/tmp/keylog.txt

Started to log port 0x60. Keymap is /usr/share/lkl/keymaps/us_km. The logfile is /root/tmp/keylog.txt.












0
Comment
Question by:ddsteam
  • 5
  • 4
  • 2
11 Comments
 
LVL 19

Expert Comment

by:jools
ID: 22669078
just out of interest, what do you want to log?
0
 
LVL 17

Expert Comment

by:owensleftfoot
ID: 22669162
It only works with ps2 keyboards. Are you using a usb keyboard?
0
 
LVL 1

Author Comment

by:ddsteam
ID: 22669255
@ Jools: I want to log ALL keyboard strokes inputted into the workstations.

@Owensleftfoot: I have read that it only works on USB. This is painful. I am using USB throughout, however, if there's no other choice, I'll have to get USB to PS2 adapters so that it can monitor the correct port.

The issue is however, not that the log file's empty, it's simply not there..

Perhaps a better application is available?
0
 
LVL 19

Expert Comment

by:jools
ID: 22669355
> @Owensleftfoot: I have read that it only works on USB. This is painful. I am using USB throughout, however, if there's no other choice, I'll have to get USB to PS2 adapters so that it can monitor the correct port.

We website certainly seems to indicate it logs the hardware port, perhaps it only creates the file once it has detected input...

If that's the case could someone just circumvent it by connecting the keyboard back into the usb port?

Anyway, I'm guessing that there is a security reason for doing this as opposed to using some sort of auditing. Who would have the time to check thru all the logs?? I was wondering if the use of `script` may help but it's a security thing then perhaps not.
0
 
LVL 1

Author Comment

by:ddsteam
ID: 22669434
It is a small environment with a handful of Estate Agents, so the margin for tampering's almost 0!

It does indeed monitor the hardware port, as apposed to it not being able to monitor the USB Device . I was thinking along the same lines as you with reguards to the lack of input, leading to the lack of the log file, but i've tried with both k/bs.

More and more, i'm thinking that another app is on the cards?
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 19

Expert Comment

by:jools
ID: 22669540
How about just restricting their use, I'm guessing they wont need root access, please god not estate agents!

You could give them a restricted account and use sudo configured for certain functions.

Is key logging a required function or are you just trying to think ahead for when they screw the system up!
0
 
LVL 1

Author Comment

by:ddsteam
ID: 22669596
Ah jools, I've been grafting at trying to get this to work all day, to say I am annoyed, is a light understatment! Your post, however, has made my day!!

Management are trying to catch people chatting using various IMs. I don't want to go into too much details, but at the end of the day - I need all keystrokes recorded and logged.

The environment is such that funds are not available for a Proxy Server or any sort of decent management system. The owners simply want to be able to read through a log and see who is generating sales and who isn't.
0
 
LVL 17

Assisted Solution

by:owensleftfoot
owensleftfoot earned 60 total points
ID: 22669635
You could use sebek - https://projects.honeynet.org/sebek
Its normally used to track the keystrokes/passwords/uploads/downloads of hackers on a honeynet
0
 
LVL 19

Expert Comment

by:jools
ID: 22669768
oh dear...I cant swear here but wot a complete bunch of illegitimate children....and you're kinda stuck, poor you!

So, are the PC's all linux based or are the ones the sales people have to use windows based?
Shame, there are a load of hardware options available, but on a bidget of £0 youre a bit stuck.

You could configure Linux to be the proxy.

Just some links...
http://www.webwatchernow.com/Monitoring-Software/Consumer/Key-logger-lnd.html?gclid=CKjgwKvyl5YCFQyR1QodFS5R6w
http://www.keydevil.com/
http://www.keyghost.com/

I'll see if I can find out anything and do a bit of digging around...
0
 
LVL 19

Accepted Solution

by:
jools earned 65 total points
ID: 22669866
...or... you could check out owens excellent link... :-)

toodle pip
0
 
LVL 1

Author Comment

by:ddsteam
ID: 22684891
Thanks guys!

I'll give both Owen's link a try (seems like one hell of a decent package!) as well as presivere with yours Jools!

As always, many thanks!
0

Featured Post

Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

Join & Write a Comment

This document is written for Red Hat Enterprise Linux AS release 4 and ORACLE 10g.  Earlier releases can be installed using this document as well however there are some additional steps for packages to be installed see Metalink. Disclaimer: I hav…
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now