I'm at the Microsoft MVP Summit meeting and today at one of our Developer Security Meetings, the meeting got a little feisty as the Developer Security/Security MVP's are a take no prisons type of group and it was a lively discussion about a third party open source security product (sorry I can't say which product). So fear not, there are still those out there who are more then just a little passionate about security. It was a great discussion and points were made on either side and I quite enjoyed it.
It was great to see Marcus Murray again this year and catch up on what all has been going on.
Blake -- Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool
Wasn't a microsoft product, but was an example of how using extra security tools can lead to an increased attack surface if they aren't used properly. -- Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool
I should have been clearer, I was referring to "is it for Windows, Linux, or other", but understand that anything loading like security tools do now utilizing kernel can breach any protection you put in place if there is an exploit for the A/V or similar tool you run.
Someone even commented here recently on ring 0 and a tool that loaded before it.....dangerous if the tool is not updated in years.....sure you get protection from most or the majority but not all new malware.
I guess you or someone will pass on the info soon enough. -- The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke