DESCRIPTION
TCLEO is a linux kernel-based keystroke logging system developed as part of project PARANOID, which aims at intruder indentification based on analysis of data from various sources, including pressed keys. Keystrokes may be encrypted at the network level (e.g. ssh), but at some point after arrival they are unencrypted at the destination host. That's where TCLEO gets into action.
Project PARANOID and related research is currently being carried out at SI6 Information Security Research Labs at CITEFA.
For more information about PARANOID, visit http://www.citefa.gov.ar
TCLEO is composed of three main modules:
- a linux kernel module for distributed user keystroke logging
- a network server which collects data from client modules and stores them in a database for further analysis.
- a database engine (currently only MYSQL is supported)
DOWNLOAD:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
