lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: aditya.deshmukh at online.gateway.technolabs.net (Aditya, ALD [ Aditya Lalit Deshmukh ])
Subject: Tools for checking for presence of adware remotely

> It's not difficult to figure out how things work on
> Windows systems.  Once you find that out, it's pretty
> simple.  I will defer to Marcus Ranum's title of
> "artificial ignorance" to describe how the Perl
> scripts work...by identifying those things that are
> known to be 'good' entries and filtering those out,
> you're left with the suspicious stuff.

but then the script that you produce will be made for you own site and they cannot be generalized beyond a point and how will you take care of the variations of the various computers like the servers / secretaries computers / high power workstations  which will all have different startup entries and other help objects. at the most the script will create a report that you can diff and see manually and decide what computers to visit. this in my humble opinion is not good for a big enterprise, there you require something that when run automatically disinfects and cures all the other malware when it detects it, can be updated from one central location and be run from a login script - this would a solution that is required. 

-aditya
??????????????????????????????????????????????????????
?b???v?"?.axZ?x??????Gb?*'??.?[kj???.?j)m???r??

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ