Security Basics mailing list archives

RE: Network spyware detection

From: "Clarke, Tyronne (contractor)" <Tyronne.Clarke.ctr () dcma mil>
Date: Mon, 2 Aug 2004 11:50:20 -0400

How do you detect ADS (Alternate Data Stream) being they are subterranean and hide inside the file system, invisible to 
Window directory tools and most AV products ?? I heared Symantec Corporate edition has protection if turned on but I'm 
not sure, anyone ???  

-----Original Message-----
From: Barber, Chris Mr. ATEC/Contractor
[mailto:Chris.M.Barber () atec army mil]
Sent: Thursday, July 29, 2004 9:20 AM
To: 'security-basics () securityfocus com'
Subject: RE: Network spyware detection


Ben,
        Symantec Antivirus 9.0 has that option built in.  With SAV
Enterprise you can manage all your SAV clients and have them scan for AD/Spy
ware.  It is not an automatic scan, but it can be setup as a scheduled scan.
The schedule and the policy are pushed from the Enterprise server to the
clients.


Chris.



-----Original Message-----
From: Ben Huntley [mailto:benh () steffian com] 
Sent: Tuesday, July 27, 2004 8:10 AM
To: security-basics () securityfocus com
Subject: Network spyware detection


hi,
 
do any of you have recommendations/preferences regarding spyware detection
software appropriate for win2k networks?  spybot s&d 1.3 is part of our base
workstation image, however, we'd like to find something that can be
controlled & maintained from an admin perpsective (e.g broadcast updates,
tweaks, et al).  thanks in advance!
 
ben 

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

RE: Network spyware detection LINKCRAFT (Aug 02)
- <Possible follow-ups>
- RE: Network spyware detection Handy, Mark (IT) (Aug 02)
- RE: Network spyware detection Dowling, Gabrielle (Aug 02)
- RE: Network spyware detection Clarke, Tyronne (contractor) (Aug 02)
- RE: Network spyware detection Nick Duda (Aug 03)
  - RE: Network spyware detection Mark Harris (Aug 03)
- RE: Network spyware detection Luke Sullivan (Aug 04)
  - RE: Network spyware detection Pablo Hauser (Aug 05)