On Sun, Nov 19, 2000 at 07:21:36AM +0800, maher abedib wrote:
> If possible,I would like to know, can ethereal continuously monitor the
> users keystorke,for example,I targeted this user(maher) and see this
> every single thing that he do.What do I know is the ethereal is a
> network protocal analyzer.What is the differences between procotol
> analyzer and keystroke monitoring
Protocol analyzers capture network traffic and analyze it; keystroke
monitors capture user keystrokes.
Not all user keystrokes necessarily show up in network traffic (consider
somebody typing text into an "xterm" running on the machine on which the
"xterm" is displaying), and not all network traffic necessarily contains
only user keystrokes (consider FTP traffic fetching a binary file).
If you want a keystroke monitor program, Ethereal isn't the program you
want; it can watch Telnet or rlogin traffic, for example, but if the
user's keystrokes aren't part of a Telnet or rlogin session, it won't
show up (and if they're part of an "ssh" session, they'll show up - but
they'll be encrypted).
I think there may be keystroke monitor programs for various different
UNIX-flavored OSes, but
1) I don't know what they are;
2) I don't know which OSes they let you monitor.
They also may only monitor "terminal" sessions, such as an xterm or a
remote login; they might not monitor keystrokes typed to GUI
applications (unless the GUI application is one such as "xterm" that
sends the keystrokes to a pseudo-terminal).