Does anyone know any prevention or detection strategy for HARDWARE key loggers?
I don’t see how any s/w or h/w solution can detect or prevent hardware key loggers. You have to allow the USB port for the keyboard to work or the PS/2 port for older machines. Since the hardware key logger connects in series it doesn’t take up any additional ports. Since there is no s/w component of the hardware key logger there is no option for detecting additional software. I use them in my pen tests and I haven’t been caught or detected. The only real way I know of is to prevent physical access to the keyboard connector on the desktop or server. The solution suggested above will help to reduce data leakage on USB and other drives but I don’t see where it can detect a physical key logger.
