RE: Re: Cool Web Search

["Aditya, ALD [Aditya Lalit Deshmukh]" <aditya.deshmukh () online gateway technolabs net>]

> I have work to do..and to tell you the true, CWS isn't a problem 
> for me? Why because we have real network security. Desktop security is the 
> last line of defense. Multi-tier security will stop most spyware at the gate 
> and it will never get to you.


to DO THIS you still need to know the address of the CWS name server to block on the webproxy / ids / firewall combo so 
still for the first line of defence we need to have all the uptodate info.

> I watched one student try to create a program to remove CWS and he did a
> very good job, but he couldn't keep up. I can't blame him for that. He was
> fighting a team of programmers that were getting paid to write 
> this junk allday long. Some system admin spending three hours on a program will help
> everyone that day with one variant..but will be useless when a new variant
> comes out. 

this would be a great project for the sysadmin community i think every one contributes bits and pieces for the sf.net 
project ( which i dont know exists or not but anyone can always start one )

> Plus - using some tool that doesn't completely remove this spyware could
> give people false protect. Thinking their system is clean - 
> because they ran
> program X - but it is still e-mailing information.


 
> There needs to be a joining of Anti-Virus and Anti-spyware, but spyware is
> faster spreading and harder to remove then most viruses. Why do 
> you think AV companies stay out of the spyware game?

no they dont the latest version of both the norton antivirus and mcafee scan would also both have this capability of 
detecting this spyware but has to be enabled manually in the options....


-aditya

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html