| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <41DEAFB6.3000506@digitalmunition.com> From: kf_lists at digitalmunition.com (KF (lists)) Subject: Microsoft AntiSpyware - First Impressions I love how the icon for this product is a big Target. Very appropreate. Anyone wanna takes bets on how long it takes for someone to find a hole in the Spynet p2p functions of this beast, what port is that listening on again? *grin* -KF James Patterson Wicks wrote: > We knew that Microsoft was going to put out an anti-spyware product > after they bought Giant in December, but I did not figure they could > re-brand Giant?s software in under a month. Their first shot at > anti-spyware came out today ? Microsoft AntiSpyware (Beta). I > installed it on a test machine that I have in the office. Just to be > safe, I ran a full Spybot S&D scan and then uninstalled the resident > TEA program since Microsoft AntiSpyware will install an agent if you > so wish. The only part of the installation that was strange was the > ?recommended? option of joining the ?Spynet AntiSpyware Community? > their ?Spyware Neighborhood Watch? that connects you to other > computers running the Microsoft AntiSpyware software. Don?t know how > many people will choose that option, but to me it does not make sense > to connect to a peer-to-peer network of infected computers, encrypted > traffic or not. > > I ran a full system scan and to my surprise, the software found some > old Timbuktu and Dameware DLL?s that I thought were uninstalled a year > ago. Were the files harmful? The tool stated that the Dameware files > were low risk, but the Timbuktu files were high risk. The tool also > found ?iLookup.GlobalWebSearch Browser Hijacker?, ?StartNow Hyperbar > Toolbar? and a bunch of ?MiniBug? instances. I was somewhat surprised > since my machine was ?clean? already. I then set up two lab desktops > and applied the same clean image on both of them (no anti-virus or > firewall installed). I then used IE to surf to the first ten sites > Google brought up when searching for ?online gambling? sites. I then > ran full system scans using Microsoft AntiSpyware on one desktop and > Spybot S&D on the other machine. Spybot found 65 objects, the > Microsoft tool found 92 objects. The results were similar except that > the Microsoft tool found a few more cookies, a bunch of minibugs and > something called ?SearchSquire.? > > While this was just a quick test to satisfy my curiosity about the > Microsoft tool, my initial feeling is that the Microsoft AntiSpyware > is worth a test deployment in the office. This beta expires in July. > Hopefully the final version will be free and allow for centralized > domain management. It?s the least that Microsoft can do. > > Pat Wicks > > Systems and Network Engineer >
Powered by blists - more mailing lists