ComLog 1_01 details

  • Description

    From the doc: 'This program captures the input/output of the Windows NT Command Promt (cmd.exe). It does so by prentending to be the real prompt and forwarding the commands to the real (and renamed) cmd.exe. I/O is stored in a random-generated log file in WINNTHelpTutor.' From the Website: 'Command prompt capture utility for Windows NT/2K. Ideal to maintain a log history of commands typed at the command prompt by users, or to capture intruder activity with IIS abuse or netcat tunnels. Can be used with LogAgent for automatic forwarding of the logs to a central location or monitoring console. ComLog 1.05 Pro works the same way as the Open Source version, except that it can be configured via a config file, which allows the user to choose the filename for cm_.exe and to specify pattern strings to be hidden from the monitored users (to hide processes like Snort or ZoneAlarm, for example).'From the author: 'this tool was designed as a legitimate security tool (widely used in honeypots, for example) for the network admin to compile a history of commands typed by a potentiel attacker.... ComLog is not a regular keylogger (capturing all the keystrokes), but focuses only on what is typed via the command prompt, a very important particularity. Because of this, ComLog makes for a very bad hacking tool to capture keystrokes, as most of the keystrokes typed on the machine will never be captured. In fact, this particularity was designed to enable network admins to monitor attackers, not the other way around.'From the web site: 'SecurIT Informatique Inc. is a firm working in the markets of computer security and integration of systems and networks. The company is made of highly qualified persons in these domains. SecurIT Informatique Inc. arose from the will to offer high quality services in computer security, and to provide corporate-level service at a price that small and medium businesses can afford. SecurIT Informatique Inc.'s team goal is to help their customers to set up solutions adapted to their needs and to their realities in term of systems and networks, always by keeping in mind the aspect computer security. Our technological independence allows us to offer you solutions cut to measure according to your budget capacities.'