Security Basics mailing list archives
RE: SPYWARE detection
From: "Bill Geschwind" <geschwin () email unc edu>
Date: Wed, 17 Mar 2004 13:57:41 -0500
SpyBot and Ad-aware are a decent way to protect against spyware, and if you have lots of workstations under your umbrella, this does not have to be prohibitive. I have been working on a way to install and run SpyBot automatically and as unobtrusively as possible over our network. It does require a little bit of tweaking. If you are interested, I have written up how I did this and what my testing has found in a Word document which you can find here: http://www.unc.edu/~geschwin/autosbnw.doc Cheers, Bill ********************************************************************* Bill Geschwind, CNE, MCSE Technical Assistance Manager Department of Technology and Systems Support Division of Student Affairs, University of N. Carolina at Chapel Hill 03 Teague Hall, CB# 5510 (919) 962-5629 Chapel Hill, NC 27599 geschwin () email unc edu ********************************************************************* -----Original Message----- From: Mike [mailto:mike () superiorholidayadventures ca] Sent: Wednesday, March 17, 2004 10:32 AM To: Virginia Benedict Cc: SECURITY-BASICS () securityfocus com Subject: RE: SPYWARE detection Microsoft's ISA server is a good example of an application layer proxy: http://www.microsoft.com/isaserver/ There are many ways to "block" spyware: * You can blacklist domains that are known for these spyware programs when they phone home. These, I'm sure, would change.. making a management nightmare. * You could use a Group Policy and deny running a list of .exe's known to belong to spyware. Again, things change, management nightmare. * There's always SpyBot and Ad-Aware. A decent way to protect against spyware.. but if you've got a lot of workstations under your umbrella, this method could prove to be prohibitive. * You could use a "Watchdog" type of card (http://www.cyic.com/watchdog.htm). There are many methods to deal with the plague that is spyware/adware. Those are just some of my ideas. Mike Fetherston <snip> --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- SPYWARE detection JAVIER OTERO (Mar 12)
- RE: SPYWARE detection Aditya, ALD [Aditya Lalit Deshmukh] (Mar 15)
- <Possible follow-ups>
- RE: SPYWARE detection Mike (Mar 15)
- RE: SPYWARE detection Mike (Mar 17)
- RE: SPYWARE detection Bill Geschwind (Mar 17)