Re: Security Toolkit for dummies

[xgermx <xgermx () gmail com>]

Not to mention Microsoft COFEE now that it's been leaked

On Mon, Nov 9, 2009 at 6:17 PM, Anshuman Anil Deshmukh
<anshuman () cybage com> wrote:
> I use most of the tools which are mentioned below.
> These are some of the tools which I use but do not see in this thread-
>
> LSPFix (a broken one can render an Internet connection dead to the
> world)
> GMER (detects all rootkits and rogue programs)
> Asquared-free (a good antispyware with GUI and commandline scanner)
> Ccleaner (CCleaner is a freeware system optimization, privacy and
> cleaning tool. It removes unused files from your system - allowing
> Windows to run faster and freeing up valuable hard disk space. It also
> cleans traces of your online activities such as your Internet history.
> Additionally it contains a fully featured registry cleaner). This tool
> supports cleanup of all browsers with windows 7 compatibility
>
> -Anshuman
>
>
> -----Original Message-----
> From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
> On Behalf Of Jay Vlavianos
> Sent: Tuesday, November 10, 2009 12:11 AM
> To: 'jacob () excaliburfilms com'; 'exzactly';
> security-basics () securityfocus com
> Subject: RE: Security Toolkit for dummies
>
> In addition to the other tools mentioned, I send my tech's out with a
> bootable USB-Key with Kapersky Rescue for anti-virus scanning.  It is
> slow but takes updates from the server in ram-disk.  The more advanced
> tech's also get a copy of the Ultimate Boot CD on CD/USB key as well.
>
>
> -----Original Message-----
> From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
> On Behalf Of Jacob
> Sent: Thursday, November 05, 2009 10:49 AM
> To: 'exzactly'; security-basics () securityfocus com
> Subject: RE: Security Toolkit for dummies
>
> Other Ideas...
>
> FileMon
> RegMon
> Malwarebytes
> RootKit Revealer
> HijackThis
>
> -----Original Message-----
> From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
> On
> Behalf Of exzactly
> Sent: Wednesday, November 04, 2009 10:27 AM
> To: security-basics () securityfocus com
> Subject: Security Toolkit for dummies
>
> I am currently working on a (free)toolkit to pass down to Tier 3 and
> Tier 2
> to be used in the event of a breach/infection or suspected
> breach/infection.
>
> In a nutshell I want to give them some tools to use to gain further
> information about the system and processes and/or malicious tools
> running on
>
> it. This toolkit is designed for a Windows desktop and Server
> environment. I
>
> am looking at building out tools that are fairly easy to use and do not
> require much training. Currently I have the following tools on it:
>
>  (SysInternal tools)
> Autoruns
> PortMon
> Process Explorer
> Process Monitor
> Ps Tools
> Logon Sessions
>
> Other tools:
> Adaware
>
>
> Is there anything else folks out there are using to provide their lower
> level support guys with some tools for informational gathering
> purposes....the tools have to run offline as systems are removed in the
> event of a breach or infection...I am not looking for a full blown
> forensics
>
> kit, just something I can train folks unfamiliar with tool fairly
> quickly...
>
>
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an
> SSL
> certificate.  We look at how SSL works, how it benefits your company and
> how
> your customers can tell if a site is secure. You will find out how to
> test,
> purchase, install and use a thawte Digital Certificate on your Apache
> web
> server. Throughout, best practices for set-up are highlighted to help
> you
> ensure efficient ongoing management of your encryption keys and digital
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
> f727
> d1
> ------------------------------------------------------------------------
>
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an
> SSL certificate.  We look at how SSL works, how it benefits your company
> and how your customers can tell if a site is secure. You will find out
> how to test, purchase, install and use a thawte Digital Certificate on
> your Apache web server. Throughout, best practices for set-up are
> highlighted to help you ensure efficient ongoing management of your
> encryption keys and digital certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
> f727d1
> ------------------------------------------------------------------------
>
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an
> SSL certificate.  We look at how SSL works, how it benefits your company
> and how your customers can tell if a site is secure. You will find out
> how to test, purchase, install and use a thawte Digital Certificate on
> your Apache web server. Throughout, best practices for set-up are
> highlighted to help you ensure efficient ongoing management of your
> encryption keys and digital certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
> f727d1
> ------------------------------------------------------------------------
>
>
> "Legal Disclaimer: This electronic message and all contents contain information from Cybage Software Private Limited 
> which may be privileged, confidential, or otherwise protected from disclosure. The information is intended to be for 
> the addressee(s) only. If you are not an addressee, any disclosure, copy, distribution, or use of the contents of 
> this message is strictly prohibited. If you have received this electronic message in error please notify the sender 
> by reply e-mail to and destroy the original message and all copies. Cybage has taken every reasonable precaution to 
> minimize the risk of malicious content in the mail, but is not liable for any damage you may sustain as a result of 
> any malicious content in this e-mail. You should carry out your own malicious content checks before opening the 
> e-mail or attachment."
> www.cybage.com
>
>
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------