Full Disclosure mailing list archives
Re: Tools for checking for presence of adware remotely
From: John Lampe <jwlampe () aceryder com>
Date: Wed, 30 Jun 2004 10:00:25 -0400 (EDT)
On Wed, 30 Jun 2004, Harlan Carvey wrote:
Does anyone out there know of any tools available to probe network workstations for the presence of adware/spyware?Sure...Perl scripts. As a security admin in an FTE position, I had scripts that checked all systems within the domain for entries in the ubiquitous 'Run' key, as well as for BHOs. Easy stuff, pretty trivial, actually.
And, using a similar methodology, Nessus checks for the top 20 spyware/adware progs. Of course, as most of these checks involve looking for a dll, exe, or registry entry, you'll need to configure Nessus with a domain, account, and passwd. John Lampe jwlampe -at- nessus.org http://f00dikator.aceryder.com/ "Truth is one, but error proliferates. Man tracks it down and cuts it up into little pieces hoping to turn it into grains of truth. But the ultimate atom will always essentially be an error, a miscalculation." --Rene Daumal _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Tools for checking for presence of adware remotely Peter B. Harvey (Information Security) (Jun 29)
- RE: Tools for checking for presence of adware remotely Jeff Schreiner (Jun 29)
- Re: Tools for checking for presence of adware remotely Nancy Kramer (Jun 29)
- Re: Tools for checking for presence of adware remotely Joseph Pierini (Jun 29)
- Re: Tools for checking for presence of adware remotely hax (Jun 29)
- Re: Tools for checking for presence of adware remotely Harlan Carvey (Jun 30)
- Re: Tools for checking for presence of adware remotely John Lampe (Jun 30)
- <Possible follow-ups>
- Re: Tools for checking for presence of adware remotely Joseph Pierini (Jun 29)