[THIN] Re: Spyware Tools

• From: "Trevor Fuson" <fuson@xxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Fri, 15 Oct 2004 14:16:27 -0700

We use Appsense, it is highly effective on a well patched, properly
configured machine.  You need to have a handle on your installation
accounts that are trusted owners of executables. You also need to make
sure you are well patched to avoid problems of privedge elevation and
buffer overflow exploits.

________________________________

From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of PETERSON, DAVID
Sent: Friday, October 15, 2004 2:04 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Spyware Tools


Has anyone tried an app like AppSense Application Manager for spyware?
It might be overkill, but may be more likely to stop them from
installing if a program is only allowed to run or install if the owner
is a preset trusted user.
 

________________________________

From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Trevor Fuson
Sent: Friday, October 15, 2004 4:56 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Spyware Tools


Autoruns from sysinternals, it is similar to Hijack this however
autoruns can hide MS signed components and executables.  This makes
malware disguised as MS components really pop out. 
 
The problem with all spyware removable tools is that they will never
detect all malware.  In fact most malicious software is actually valid
software that has been specially configured to host all sorts of
undesirable services from your computer.  Types of software such as FTP
servers, Web Servers, SMTP Servers, Task Schedulers, Packet Sniffers and
Remote Control tools will all most likely be not be detected.
 
Run autoruns with every option under the view menu selected, then
inspect each entry on an individual basis.  You should see a few items,
like your antivirus and terminal services related tools.

________________________________

From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Rusty Yates
Sent: Friday, October 15, 2004 11:37 AM
Subject: [THIN] Spyware Tools


What is everyone using to scan their servers for Spyware?  We are
currently looking for options.
 
Thanks, Rusty


NOTICE: This electronic mail transmission from the law firm of Dinsmore
& Shohl may constitute an attorney-client communication that is
privileged at law. It is not intended for transmission to, or receipt
by, any unauthorized persons. If you have received this electronic mail
transmission in error, please delete it from your system without copying
it, and notify the sender by reply e-mail, so that our address record
can be corrected. 

Other related posts:

• » [THIN] Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools
• » [THIN] Re: Spyware Tools

1. Home
2. thin
3. Archive
4. 10-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---