Storage Daily
Security Daily
Networking Daily

FREE NEWSLETTERS

internet.commerce

Be a Commerce Partner

internet.com

IT
Developer
Internet News
Small Business
Personal Technology

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

Security Products

• WebAllow (Ashkon Technology LLC)
• USB Port Protection Software (Keylogger)
• Google Chrome Password Recovery (XaviWare Software Ltda.)
• Access Password Recovery (Barcode Design Software)
• Lock Folder Lock File! (Lock Folder Lock File! Software)
• Recover Thumb Drive Files (Data Recovery Software Downloads)

» Enterprise IT Planet » Security » Security Features

Deflecting Assaults on Privacy

By Lyne Bourque
February 17, 2004

Email Print Digg This Add to del.icio.us

While the preceding apps are examples of preventative measures, the reality is someone or something is likely to get through. And if they do, it isn't a bad idea to have a handy toolkit of utilities to use to detect problems and deal with them on the user's machine. Some utilities will say they catch everything but personally, I've never seen anything as thorough as three products from one software developer: CWShredder, HiJackThis! and StartupList.

What I have found with these three tools is that they often find items that many of the spyware products leave behind. They have a nice "Info" feature that allows an admin/tech support person to check the status of the Registry or system status. As an example, below I've done a CWShredder check first on my system:

CWShredder v1.47.3 scan only report

Windows XP (5.01.2600 SP1)
Windows dir: C:\WINDOWS
Windows system dir: C:\WINDOWS\system32
AppData folder: C:\Documents and Settings\fac3\Application Data
Username: lyne.bourque

Found Hosts file: C:\WINDOWS\system32\drivers\etc\hosts (734 bytes, A)
Shell Registry value: HKLM\..\WinLogon [Shell] Explorer.exe
UserInit Registry value: HKLM\..\WinLogon [UserInit] C:\WINDOWS\system32\userinit.exe,
CWS.Vrape/CWS.Addclass Registry value: DefaultPrefix [] http://
CWS.Vrape/CWS.Addclass Registry value: WWW Prefix [www] http://
Registry value: Mosaic Prefix [mosaic] http://
Registry value: Home Prefix [home] http://
Found Win.ini file: C:\WINDOWS\win.ini (1053 bytes, A)
Found System.ini file: C:\WINDOWS\system.ini (231 bytes, A)

- END OF REPORT -

Looks like my system is ok. Let's check HiJackThis!

Click to enlarge.

Overall nothing serious, but if I'm feeling suspicious I can check items by selecting them and getting information as to the risk they may carry. Configuration options allow me to ignore specific enterprise implemented tasks, creating a startup log (so I can check for any potential "nasties" there) and creating backups.

The last tool, StartupList, is a simple little program that generates a notepad listing of what things begin on a Windows machine. Very handy for troubleshooting.

Now while these tools are often targeted to the home user, administrators in enterprise environments shouldn't shy away from them. Remember that attackers often don't make distinctions between home and enterprise users. All they see is a victim. These three tools can be found at Merijn.org. An interesting side note, the site has been victim of a massive DDoS, perhaps a testament to the effectiveness of the tools finding the results of bad activity?

We have to realize that protecting privacy extends beyond individual end users. Our employees might inadvertently be putting the company at risk by simply performing research for a project or receiving what seems like work-related emails. While education is an excellent method of dealing with these threats, using technology as a backup helps to keep all the bases covered.

Go to page: Prev 1 2

Email Print Digg This Add to del.icio.us

Security Features Archives

The Network for Technology Professionals

Search:

About Internet.com

Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers

Solutions

Whitepapers and eBooks

Intel Whitepaper: 2010 Intel Core vPro Processors Overview
Article: Adobe Helps PHP Developers Create Rich Internet Applications
Article: Reduce Your Infrastructure Costs with Microsoft System Center
Intel Brief: Five-Star IT Support--Intel Core 2 processor with vPro Delivers ROI of 524 Percent
Article: Security Enhancements Abound in Windows Server 2008
Intel Whitepaper: Implementing Intel vPro Technology to Drive Down Client Management Costs
Microsoft Whitepaper: Improve Communications and Collaboration
Intel Article: Intel Core i5 vPro Brings Intelligence to the Processor
Microsoft Personalized Whitepapers and Resources for You
Microsoft Articles: Visual Studio 2010
Adobe Article: Java Developers Finding a Home at Adobe Flex
Microsoft Whitepaper: Make Better Decisions - SQL Server 2008 Business Intelligence.
MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts

Micro Focus Webcast: Boosting the Impact and Effectiveness of Software Development QA and Testing
Microsoft Webcast: Simplified Access and Single Sign-On
Intel Video: 2010 Intel Core Processor Technologies
MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits

Adobe Download: Tour de Flex Application and Explore Flex
Get Started: Create Applications Without Infrastructure Limits with the Windows Azure Platform
HP PartnerONE | SolutionsINFINITE Visit us at hp.com/partners/us
Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos

Free Adobe Online Flex Training: Check Out this Video Training Course Here
Develop Cloud Applications - Get Started Now with the Windows Azure Platform
Learn Unified Communications
Learn SQL Server 2008
Learn Windows Server 2008 R2
Internet.com Hot List: Get the Inside Scoop on IT and Developer Products
Learn Forefront
Learn System Center
All About Botnets
Learn SharePoint
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES