Educause Security Discussion mailing list archives
Re: Spyware, trojans and keyboard loggers?
From: Gary Flynn <flynngn () JMU EDU>
Date: Mon, 26 Jul 2004 14:16:38 -0400
James Moore wrote:
We are creating a "desktop security standard" and want to include protection against spyware and keystroke loggers. I am trying to get good coverage. I had anticipated that the big A/V vendors would have swallowed up anti - spyware/backdoors/keyloggers by now. But it seems that they haven't. In fact some are producing their own anti-spyware -- e.g. NAI/McAfee. Some vendors, like SpyCop claim that most "keystroke logger" protection doesn't cover 1) the commercial/shareware keyloggers and 2) nearly as many as they do. I am looking to get to the bottom line, which is coverage, in conjunction with clarity (i.e. it doesn't come with a 368 page manual that users are expected to read. It also doesn't come with simple 2 step instructions, the first of which is "get a MS in computer science). Any advice? Sample desktop security standards?
To fight things the old way: http://www.jmu.edu/computing/security/startsafe.shtml The real problem is the inability to identify trustworthy software. Adding on anti-virus software, anti-trojan software, anti-spyware software, anti-keyboardlogger software, ... is an exercise in futility. It is all malware. It is like having a network with a default permit rule. Every new thing is going to get in until you block a new port or add new anti-badthing to stop it. Like network security, a default deny rule is the secure thing to do. Define what is permitted and refuse everything else. Towards that end, on a professional desktop it would seem to be better to identify permitted software and use the OS features (ACLS, Software Restrictions, etc.) to limit only trusted executables to run. Of course, that implies some significant support headaches not to mention issues of "freedom" of one type or another. -- Gary Flynn Security Engineer James Madison University ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Spyware, trojans and keyboard loggers? James Moore (Jul 26)
- <Possible follow-ups>
- Re: Spyware, trojans and keyboard loggers? Gary Flynn (Jul 26)
- Re: Spyware, trojans and keyboard loggers? Edwards, Francis (Jul 26)