Solved

LKL Keylogger isn't creating the logfile.

Posted on 2008-10-08
11
5,052 Views
Last Modified: 2013-11-15
I am using Ubuntu 8.04 Hardy Heron.

I have used the package manager to install LKL (-- Linux Key Logger vers 0.1.1 --
)

It is running, and I have managed to get the keymap to work also.

The problem I am having is that the log file, in this case - keylog.txt is not being created!!
The application shows no errors at all. My system resources even go up when I begin the logging and come down again when I kill it. Below's a copy of my terminal's output.

Any assistance would be LOVELY.

P.S. I'm not hellbent on using LKL, it just seems to be a popular choice.
root@Rambo:~# lkl;

-- Linux Key Logger vers 0.1.1 --
      usage:
            -h this help
            -l start to log the 0x60 port (keyboard)
            -b Debug Mode.Perhaps it's usefoul :P
            -k <km_file> set a keymap file
            -o <o_file> set an output file
            -m <email> send logs to <email> every 1k
            -t <host> hostname for sendmail server. default is localhost

Example: lkl -l -k keymaps/it_km -o log.file

root@Rambo:~# lkl -l -k /usr/share/lkl/keymaps/us_km -o ~/tmp/keylog.txt

Started to log port 0x60. Keymap is /usr/share/lkl/keymaps/us_km. The logfile is /root/tmp/keylog.txt.












0
Comment
Question by:ddsteam
  • 5
  • 4
  • 2
11 Comments
 
LVL 19

Expert Comment

by:jools
ID: 22669078
just out of interest, what do you want to log?
0
 
LVL 17

Expert Comment

by:owensleftfoot
ID: 22669162
It only works with ps2 keyboards. Are you using a usb keyboard?
0
 
LVL 1

Author Comment

by:ddsteam
ID: 22669255
@ Jools: I want to log ALL keyboard strokes inputted into the workstations.

@Owensleftfoot: I have read that it only works on USB. This is painful. I am using USB throughout, however, if there's no other choice, I'll have to get USB to PS2 adapters so that it can monitor the correct port.

The issue is however, not that the log file's empty, it's simply not there..

Perhaps a better application is available?
0
 
LVL 19

Expert Comment

by:jools
ID: 22669355
> @Owensleftfoot: I have read that it only works on USB. This is painful. I am using USB throughout, however, if there's no other choice, I'll have to get USB to PS2 adapters so that it can monitor the correct port.

We website certainly seems to indicate it logs the hardware port, perhaps it only creates the file once it has detected input...

If that's the case could someone just circumvent it by connecting the keyboard back into the usb port?

Anyway, I'm guessing that there is a security reason for doing this as opposed to using some sort of auditing. Who would have the time to check thru all the logs?? I was wondering if the use of `script` may help but it's a security thing then perhaps not.
0
 
LVL 1

Author Comment

by:ddsteam
ID: 22669434
It is a small environment with a handful of Estate Agents, so the margin for tampering's almost 0!

It does indeed monitor the hardware port, as apposed to it not being able to monitor the USB Device . I was thinking along the same lines as you with reguards to the lack of input, leading to the lack of the log file, but i've tried with both k/bs.

More and more, i'm thinking that another app is on the cards?
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 19

Expert Comment

by:jools
ID: 22669540
How about just restricting their use, I'm guessing they wont need root access, please god not estate agents!

You could give them a restricted account and use sudo configured for certain functions.

Is key logging a required function or are you just trying to think ahead for when they screw the system up!
0
 
LVL 1

Author Comment

by:ddsteam
ID: 22669596
Ah jools, I've been grafting at trying to get this to work all day, to say I am annoyed, is a light understatment! Your post, however, has made my day!!

Management are trying to catch people chatting using various IMs. I don't want to go into too much details, but at the end of the day - I need all keystrokes recorded and logged.

The environment is such that funds are not available for a Proxy Server or any sort of decent management system. The owners simply want to be able to read through a log and see who is generating sales and who isn't.
0
 
LVL 17

Assisted Solution

by:owensleftfoot
owensleftfoot earned 60 total points
ID: 22669635
You could use sebek - https://projects.honeynet.org/sebek
Its normally used to track the keystrokes/passwords/uploads/downloads of hackers on a honeynet
0
 
LVL 19

Expert Comment

by:jools
ID: 22669768
oh dear...I cant swear here but wot a complete bunch of illegitimate children....and you're kinda stuck, poor you!

So, are the PC's all linux based or are the ones the sales people have to use windows based?
Shame, there are a load of hardware options available, but on a bidget of £0 youre a bit stuck.

You could configure Linux to be the proxy.

Just some links...
http://www.webwatchernow.com/Monitoring-Software/Consumer/Key-logger-lnd.html?gclid=CKjgwKvyl5YCFQyR1QodFS5R6w
http://www.keydevil.com/
http://www.keyghost.com/

I'll see if I can find out anything and do a bit of digging around...
0
 
LVL 19

Accepted Solution

by:
jools earned 65 total points
ID: 22669866
...or... you could check out owens excellent link... :-)

toodle pip
0
 
LVL 1

Author Comment

by:ddsteam
ID: 22684891
Thanks guys!

I'll give both Owen's link a try (seems like one hell of a decent package!) as well as presivere with yours Jools!

As always, many thanks!
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now