Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Registry Watcher

From: "Aditya, ALD [Aditya Lalit Deshmukh]" <aditya.deshmukh () online gateway technolabs net>
Date: Sun, 9 May 2004 09:35:18 +0530
the common installation inserts and all programs have values that must be
inserted. If a "watcher" would have a data base to follow and any odd or
uncommon entries could be flagged. As far as I know all newly found viruses
insert registry entries and these could be placed in a data base that would
cause registry to deny and flag. 



viruses generally attack registry first because most of the application including 
os use registry for running properly.. so registry is the favorite target. but 
a virus can do much harm without changing registry also. 




hey for this sort of thing i use a program called as proport, it watches all the autostart up registry entries and 
alerts u when any new program is added to it. this program sits in the system tray so it is not obstrusive download it 
from www.tudpage.com u dont want regmon but proport for this sort of thing

-aditya


________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: