RE: SPYWARE detection

["Mike" <mike () superiorholidayadventures ca>]

Microsoft's ISA server is a good example of an application layer proxy:  http://www.microsoft.com/isaserver/

There are many ways to "block" spyware:

* You can blacklist domains that are known for these spyware programs when they phone home.  These, I'm sure, would 
change.. making a management nightmare.
* You could use a Group Policy and deny running a list of .exe's known to belong to spyware.  Again, things change, 
management nightmare.
* There's always SpyBot and Ad-Aware.  A decent way to protect against spyware.. but if you've got a lot of 
workstations under your umbrella, this method could prove to be prohibitive.
* You could use a "Watchdog" type of card (http://www.cyic.com/watchdog.htm).

There are many methods to deal with the plague that is spyware/adware.  Those are just some of my ideas.

Mike Fetherston

-----Original Message-----
From: Virginia Benedict [mailto:techanalyst () earthlink net] 
Sent: Wednesday, March 17, 2004 9:30 AM
To: Mike
Subject: Re: SPYWARE detection

Can you please elaborate on "application layer proxy?"  
Are there any apps or templates one can deploy?
How about Spyware Prevention?  Block? at the gateway.
 
Thanks,
Virginia Benedict
----- Original Message ----- 
From: Mike 
To: JAVIER OTERO ; SECURITY-BASICS () securityfocus com 
Sent: Monday, March 15, 2004 8:53 AM
Subject: RE: SPYWARE detection

An application layer proxy may accomplish what you want.

Mike Fetherston

> -----Original Message-----
> From: JAVIER OTERO [mailto:jotero () SMARTEKH com]
> Sent: Friday, March 12, 2004 11:51 AM
> To: SECURITY-BASICS () securityfocus com
> Subject: SPYWARE detection
>
> We want detect spyware in the gateway, is there any product that does?
> I have searched in google.
>
>
> Thanks
> Ing. Fco. Javier Otero De Alba
> Diplomado en Seguridad Informática ITESM CEM
> ITStrap
> Product Manager
> Neoteris
>
> 5243-4782 al 84 Ext.300
> México, D.F.
>
> --------------------------------------------------------------------------
> -
> Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
> any course! All of our class sizes are guaranteed to be 10 students or
> less
> to facilitate one-on-one interaction with one of our expert instructors.
> Attend a course taught by an expert instructor with years of in-the-field
> pen testing experience in our state of the art hacking lab. Master the
> skills
> of an Ethical Hacker to better assess the security of your organization.
> Visit us at:
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> --------------------------------------------------------------------------
> --


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------