WebVPN Keystroke Logger Detection option

Unanswered Question
Nov 5th, 2008

I am wondering how many companies actually use the keystroke logger detection option within the CSD on the ASA. I have set this up to run for all my Clientless SSL VPN connections with varying results. I am posting this to see if anyone has successfully set up keystroke logger detection on the ASA or if companies rely on third party software to detect keystroke loggers.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
dcsdecross Thu, 11/06/2008 - 11:06

I use it on ASA5505 and it has found loggers on user's home PCs. It give us the extra "feel-good" factor of making sure user's home PC is clean.

DJCanuck1_2 Thu, 11/06/2008 - 11:19

We are running it on a 5520 and have run into some blue-screen issues on some remote endpoints running both Windows XP and Vista. Looks to be a driver issue on the remote computer. I'm wondering if anyone else has experienced blue screen issues and what they did to solve this.

lascumbres Fri, 11/28/2008 - 02:12

Wondering the same, we have just enabled it here and hey, the president's laptop reports two loggers one of it being the touchpad driver!


DJCanuck1_2 Fri, 11/28/2008 - 08:07

I guess the determining factors are: 1. If you want to run the KLD scans, the user must have admin privileges. 2. Management of KLD results: Do you allow the user to check and verify results themselves(Uh...No) or do you turn on the admin control and maintain an acceptable list of safe modules? We are thinking admin control would be OK for a standard corporate image, but for home or kiosk computers? Who knows what is on those machines. Management nightmare..


This Discussion