Forum Discussion

Muhannad's avatar
Muhannad
Icon for Cirrus rankCirrus
Aug 24, 2020
Solved

Application keylogger issue with Datasafe

Dear Experts,

 

I have been testing the Fraud protection for F5-AWAF in my lab, everything is working fine but i am facing an issue with keyloggers, the password is encrypted fine when inspecting the values in the web developers tool and it is encrypted when installing the keylogger as an extension in the chrome.

 

But it is encrypting the password when i have installed a keylogger application, i am still able to see the password in plain text, checking the documents below:

https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/big-ip-datasafe-configuration-14-1-0/03.html

 

They mentioned the following: Select the Enabled check box for the Keylogger Protection setting.When this setting is enabled, the system protects against in-browser key loggers.

Does this means that datasafe is not working with keyloggers applications?

 

Regards,

Muhannad

 

  • It can't mask keystrokes captured by a keylogger on the host machine/client if that's what you're asking about. It sounds like it's working as expected (encrypting in browser/L7, encryption in transit, and data is masked in logs).

     

    Features:

    '''

    •  protects sensitive information from interception by encrypting data while it’s still in the browser.
    •  DataSafe encrypts data at the application layer to protect against malware and keyloggers. 
    •  This renders leaked credentials or data useless.

    '''

    -https://support.f5.com/csp/article/K11023343

2 Replies

  • It can't mask keystrokes captured by a keylogger on the host machine/client if that's what you're asking about. It sounds like it's working as expected (encrypting in browser/L7, encryption in transit, and data is masked in logs).

     

    Features:

    '''

    •  protects sensitive information from interception by encrypting data while it’s still in the browser.
    •  DataSafe encrypts data at the application layer to protect against malware and keyloggers. 
    •  This renders leaked credentials or data useless.

    '''

    -https://support.f5.com/csp/article/K11023343