Ask Your Question
0

How can I find out, via Wire Shark report, a key logger may be going?

asked 2018-05-10 13:38:01 +0000

rt2018 gravatar image

Hello. I am trying to pin down Keyboard keystroke problems and looking at a possible key logger. Key strokes are missed on random computers by random users with random keyboards and random Windows OS. Running wire shark, I am not sure what to look for on the report output. Thank you.

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-05-10 15:18:23 +0000

Jaap gravatar image

There are so many ways in which a keylogger can exfiltrate data that it's impossible to give a specific answer. Any (meta-)data carrying protocol is a candidate, e.g., HTTP URL, HTTP header, IRC, SMTP, FTP, you name it. It would require detailed analysis of all communications to see if something cannot be identified as expected/valid traffic, something that may prove difficult in even normal networks.

On the other hand, it would be rather strange if a keylogger would cause keystrokes to be dropped, and thereby attracting attention to itself...

edit flag offensive delete link more

Comments

Hello. Do you happen to know of any "out of the ordinary" reasons key strokes would randomly not hit? We have tried a wide Varity of solutions to no avail...from hard replacement to software removals to driver updates...etc..

rt2018 gravatar imagert2018 ( 2018-05-10 15:24:34 +0000 )edit

That is not a Wireshark question, I'm afraid.

Jaap gravatar imageJaap ( 2018-05-11 13:49:12 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2018-05-10 13:38:01 +0000

Seen: 70 times

Last updated: May 10