lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <EBF49D1F55C6D349AFBE297CAC238A521FB3FC4C@uskzoms025.uskzo.am.pnu.com>
Date: Wed, 12 Nov 2003 12:09:41 -0500
From: "Reava, Jeffrey [IT/0200]" <jeffrey.reava@...rmacia.com>
To: "'psz@...hs.usyd.edu.au'" <psz@...hs.usyd.edu.au>,
   bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com
Subject: RE: MS03-048: Thor and unpatched?



<snip>

(Is it known what http://www.pivx.com/qwikfix/ does? Will it remain free?
Is "Mocrosoft" a mis-spelling or some joke?)

</snip>

You can use In Control 5 to isolate the changes made by a given application.
Especially good for running down registry entries. Start to end, it should
only take about 1/2 hour to download, monitor changes and generate a report.
It's available here:
http://www.devhood.com/tools/tool_details.aspx?tool_id=432

For a slightly broader look at evaluating untrusted software in a controlled
environment:
http://www.sans.org/rr/papers/5/79.pdf

Abstract:
"Tools and techniques of reverse engineering allow the professional analyst
to identify and
describe in detail the behavior of malicious software in a test lab
environment. However,
many users and organizations lack both the resources and time to subject
untrusted
software to such stringent tests. To address the key business concern of "is
this software
safe to download and use?", a lightweight filtering methodology is proposed
that will
yield a reasonably reliable answer with a very modest resource and time
investment."


 


This communication is intended solely for the use of the addressee and may
contain information that is legally privileged, confidential or exempt from
disclosure.  If you are not the intended recipient, please note that any 
dissemination, distribution, or copying of this communication is strictly 
prohibited.  Anyone who receives this message in error should notify the 
sender immediately and delete it from his or her computer.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ