dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
8586
share rss forum feed


RDionysus

join:2000-10-03
Lindenhurst, NY

LINK CENTRAL for Security Programs

There are so many different threads going on right now pertaining to Anti-Trojan, Anti-Virus, Spyware, Adware, General security, packet sniffers, what programs to use, what sites to visit....!?!!??!?
This humble post simply attempts to cull some of the redundancies in the various threads, and centralize some of the information. Some of the information/links in here has been extracted from many other great posts around the DSLR security forum; much of it has been from my own every-day surfing, and the rest from hackers and computer gurus (much more knowledgeable than me) here at my company.
So without further ado, a little list of links I hope will provide many with convenience and ease:

****COMMERCIAL/TRIALWARE ANTI-TROJAN PROGRAMS****

Tauscan: Can attack over 1000 trojans, not including variants.
Shareware, 30 day free trial, then costs $29.95 to register. Includes unlimited online trojan definition updates.
http://www.agnitum.com/products/tauscan/features.phtml

TDS-3 Trojan Defense Suite: Considered by many to be the most powerful anti-trojan program. Shareware, 30 day trial, afterward $39.99 to register
http://tds.diamondcs.com.au/

Anti-Trojan: Claims to attack and recognize over 5,800 signatures. Shareware, free for 5 uses then $22.00 to register. Includes unlimited online trojan definition updates. http://www.anti-trojan.net/home.asp?l=en&t=home

The Cleaner: Good features, includes online updates.
Shareware, 30 day free trial, then costs $29.95 to register.
http://www.moosoft.com/features.php

****FREEWARE ANTI-TROJAN PROGRAMS****

SurfinGuard: Is supposed to isolate executables and check against various trojan parameters, while you surf.
http://www.finjan.com/products_home.cfm

Trojan B-Gone: Includes a searchable trojan database
http://www.dark-e.com/tbg.html

TFAK: Only detects 480 trojans, but an independent review says that it has very advanced heuristics.
http://www.kryptocrew.de/snakebyte/indexe.htm

****COMMERCIAL/TRIALWARE ANTI-VIRUS PACKAGES****

Antiviral Toolkit Pro http://www.avp.ch/

Command AV http://www.commandcom.com/products/index.html

F-Secure http://www.fsecure.com/products/anti-virus/

McAfee http://www.mcafee.com/

Norton AV http://www.symantec.com/product/

PC-cillin http://www.antivirus.com/pc-cillin/products/

Sophos AV http://www.sophos.com/

Norman Virus Control (took over Thunderbyte) http://www.norman.com/tbav.shtml

Cybersoft http://www.cyber.com/

****FREEWARE ANTI-VIRUS PACKAGES****

InnoculateIT http://antivirus.cai.com/

AGV Anti Virus http://www.grisoft.com/html/us_index.cfm

Anti-Vir Personal Edition http://www.free-av.com/

****TROJAN/VIRUS INFORMATION SITES****

Trend Micro Real Time Virus Info http://wtc.trendmicro.com/wtc/

The Virus List http://www.viruslist.com/eng/default.asp

The Virus Bulletin http://www.virusbtn.com/

CIAC Viruses/Hoaxes http://www.ciac.org/

V-Myth http://www.vmyths.com/index.cfm

Dark-E Trojan Lab http://www.dark-e.com/archive/trojans/index.html

For the Hackers http://packetstorm.securify.com/trojans/

****GENERAL SECURITY/PRIVACY****

Not gonna enumerate the firewalls, it's discussed like hell here, and the consensus is that Zone Alarm http://www.zonelabs.com is the best

Newbies STAY AWAY from Lockdown2000! http://www.nwi.net/~pchelp/lockdown/Davis/index.html

L0pht Heavy Industries http://www.l0pht.com/

Snort Network Intrusion http://www.snort.org/

The Zero Knowledge Privacy Suite http://www.zeroknowledge.com/

Web Trends Security Analyzer ***This find was recommended by a sys admin friend of mine. Very robust commercial level package supports over 1000 security tests for Windows. You can download it FREEEEE for up to TEN machines!*** http://www.webtrends.com/products/wsa/default.htm

****DATA ENCRYPTION****

ABI Encoder Freeware, Nice program! http://www.abisoft.net/

Coded Drag File Encryption Trialware http://www.fim.uni-linz.ac.at/codeddrag/codedrag.htm

PowerCrypt 2000 Freeware http://www.ovsoft.it/powercry_eng.htm

Steganos Quick E-mail Encryptor http://www.steganos.com/world/mail/web/decryptEN.php3

Stego .GIF Writer http://www.stego.com/

****SPYWARE/SPAM INFO****

Gibson Research Corporation http://grc.com/default.htm

Counter-Exploitation.org http://cexx.org/main.htm

Adware/Badware http://accs-net.com/smallfish/advw.htm

"Bugging" MS-Word Documents http://www.privacyfoundation.org/advisories/advWordBugs.html

Lavasoft Ad-aware http://lavasoft.de/aaw/index.html

The Web-Bug Search Page http://users.rcn.com/rms2000/privacy/wbfind.htm

AlphaLink http://www.alphalink.com.au/~johnf/spyware.html

"Parasite" Programs http://cpcug.org/user/clemenzi/technical/Parasites.htm

The REAL Freeware List http://www.freewarelist.com/

PricelessWare REAL Freeware http://www.sover.net/~whoi/Priceless.html

This list of links was not meant to be exhaustive, but I do know that they are all valid, and most likely practical. I try to visit them at least once or twice a week to continue my "education".
Enjoy! And any comments or feedback are welcome!

[text was edited by author 2001-01-05 02:35:45]



EmilioG
Whats This?
Premium
join:2000-09-19
New York, NY

Very good list, I know you put a lot of work into it. Maybe everyone can one or two links of their own to add the list?

Here are my two;
Spyware information : http://www.voiceofthepublic.com/IsYourFreewareSpyware.html

NEOTrace: http://www.neotrace.com/



rtoday

join:2000-11-05
California
reply to RDionysus

Thanks for the effort, RD. A helpful list, and Emilio's idea is great. This will be a good reference thread.



RDionysus

join:2000-10-03
Lindenhurst, NY
reply to EmilioG

Sure everyone can add; everyone is bound to have personal "favorites" that do not appear on my list. Hopefully this thread can be a repository of useful and PRACTICAL links.
BTW, www.voiceofthepublic.com/IsYourFreewarespyware.html
is a great site; I spend a lot of free time in their message forum, however I felt that much of the same spyware info can be found at http://www.alphalink.com.au/~johnf/spyware.html.
Thanks.



jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
USA
kudos:24
Reviews:
·Cox HSI
·Speakeasy
reply to RDionysus

Fantastic! There have been so many threads with so much of the same info, all marked for my easy return, but this one takes care of so many of the others. Thank you for taking what must have been a goodly amount of time to put this all together.
--
JKK

Age is a very high price to pay for my maturity, so
if I can't stay young, I can at least stay immature!



jp
Premium
join:2000-05-18
Fountain Hills, AZ
reply to RDionysus

Great job!

For data encryption, I would add PGP at www.pgp.com

--
All that is gold does not glitter



gwion
wild colonial boy
Premium,ExMod 2001-08
join:2000-12-28
Pittsburgh, PA
kudos:1
reply to RDionysus

http://www.securityfocus.com --- a repository of information and links; somewhat techie, but very thorough.
--
--------------
"If science is considered a closed priesthood, too difficult and arcane for the average person to understand, the dangers of abuse are greater." --Carl Sagan, from "Broca's Brain."



Rocktagon
Slightly Bent
Premium
join:2000-11-04
Chattaroy, WA
reply to RDionysus

WoW RDionysus,
Welcome to the forums,won't be long before your spinning with stars after posts such as these.
I had been attempting a similar post,but yours has way more valuable links than I could find.
Hopefully JANDOENT will add some of his and we will have a thread worthy of referencing to for many topics.
GREAT JOB
--
Quest for Knowledge



jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
USA
kudos:24
Reviews:
·Cox HSI
·Speakeasy
reply to gwion

said by gwion:
http://www.securityfocus.com --- a repository of information and links; somewhat techie, but very thorough.
»www.securityfocus.com is one of the sites that I have come up on my home/main page for DSLR. That was one of those that Justin had as an option with (Customize boxes..) found right under the Special feature..
Company death watch shown in bright yellow on the righthand side of the main page.
--
JKK

Age is a very high price to pay for my maturity, so
if I can't stay young, I can at least stay immature!


gwion
wild colonial boy
Premium,ExMod 2001-08
join:2000-12-28
Pittsburgh, PA
kudos:1

Thanks much!!! Gotta check my settings, now and again, 'til I learn all these options!
--

"The Year 2000 is technically not the start of the New Millennium. The Western Calendar starts with Year 1, and not Year 0, the 21st Century and the Third Millennium do not begin until January 1, 2001." --Arthur C. Clarke


System
reply to gwion

What a great idea this thread is!!
gwion the securityfocus link is absolutely ggggggreat!!

In my travels I stumbled on Sys-Security Group well worth a gander--their focus right now seems to be an issue which I had to deal with just a short time ago--ICMP vulnerabilities.

I wonder if anyone out there has had any experience with Security Port Scanner or Port Detective ?



boogietillyapuke
B.O.H.I.C.A.
Premium
join:2000-09-14
On Da' Edge
reply to RDionysus

Here's another decent link without taking up to much space.
http://davidovv2.homestead.com/freetoolsservices.html
--
Duct tape is like the force;it has a light side and a dark side,and it holds the universe together.



dainbramage
Take the 'F' out of cat
Premium
join:2000-09-02
Lynn, MA
reply to RDionysus

What a lot of time and effort put into your post, RDionysus. It is very much appreciated. And, btw, welcome!



EmilioG
Whats This?
Premium
join:2000-09-19
New York, NY
reply to gwion

said by gwion:
http://www.securityfocus.com --- a repository of information and links; somewhat techie, but very thorough.
Strange thing about this site, when you (I) click on the link to look at the information on the Macromedia Flash player vulnerability, I get a plain page that says, "What do you think you are doing?" Does anyone else get this "reply" when you click on that link? What does that mean?


Rocktagon
Slightly Bent
Premium
join:2000-11-04
Chattaroy, WA

said by EmilioG:
said by gwion:
http://www.securityfocus.com --- a repository of information and links; somewhat techie, but very thorough.
Strange thing about this site, when you (I) click on the link to look at the information on the Macromedia Flash player vulnerability, I get a plain page that says, "What do you think you are doing?" Does anyone else get this "reply" when you click on that link? What does that mean?

I didn't!
Hmmmm.......
Very stange:O
--
Quest for Knowledge


EmilioG
Whats This?
Premium
join:2000-09-19
New York, NY

BTW, I forgot to mention that Norton Internet security popped up with a security alert asking me if I wanted to block a certain piece of information from going out, and when I click BLOCK, I get that "what do you think you are doing" message. I will look into this further. I already Emailed Security Focus about it.



Dante2

join:2000-09-16
Camp Hill, PA
reply to RDionysus

Thanks Rdionysus ... Definatley gets MARKED
--
»www.DANIELFAULKNER.com "What Mumia doesn't want you to know!"



davidovv

@adsl.xs4all.nl
reply to RDionysus

Nice List! A small remark though; TDS is priced in Australian $; so un US$ the price is a lot cheaper.
By far the best anti-trojan at this very moment, btw.

cheers,

davidovv



jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
USA
kudos:24
Reviews:
·Cox HSI
·Speakeasy
reply to Rocktagon

No, I get the following info.

Macromedia Flash SWF Buffer Overflow Vulnerability
bugtraq id 2162
class Boundary Condition Error
cve GENERIC-MAP-NOMATCH
remote Yes
local No
published December 29, 2000
updated January 04, 2001
vulnerable Macromedia Shockwave Flash 8.0 and Previous
- Sun Solaris 7.0
- Sun Solaris 2.6
- Slackware Linux 7.1

- S.u.S.E. Linux 7.0
- RedHat Linux 6.0 i386
- Microsoft Windows 98
- Microsoft Windows 95
- Microsoft Windows NT 4.0
- MandrakeSoft Linux Mandrake 7.2
- Debian Linux 2.2
- Connectiva Linux 6.0
- Apple MacOS 9.0

not vulnerable

--
JKK

Age is a very high price to pay for my maturity, so
if I can't stay young, I can at least stay immature!


System
reply to Anon

Both are good. My company purchased both. In particular I found Security Port Scanner very effective.

I wonder if anyone out there has had any experience with Security Port Scanner or Port Detective ?
[/QUOTE]


System

Thx for the hands-on treble.

Can you perhaps tell us why both?
Do they work in concert with each other?
If you were to purchase which would yield the greatest bang for the buck?



RDionysus

join:2000-10-03
Lindenhurst, NY
reply to Anon

Glad everyone likes the list and it's terrific to see everyone adding MORE useful sites!

RE: davidovv...yes, the price I gave for TDS-3 IS in American dollars (approx. $39.99 US, would be ~$59 Australian), from the Diamond website

RE: techbc...Port Scanner, Port Detective

Has anyone checked out the WebTrends Security Package?
http://www.webtrends.com/products/wsa/intro.htm
Blurb from their website:
"WebTrends Security Analyzer discovers and fixes the latest known security vulnerabilities on Internet, intranet and extranet hosts. Currently Security Analyzer supports over 1000 tests for Windows, Solaris and Linux with the most advanced agent-based technology available. Systems are analyzed on demand or at scheduled intervals, allowing prioritization and comparative reports to be generated including recommended fixes that resolve possible threats. The built-in AutoSync technology seamlessly updates WebTrends Security Analyzer with the latest security tests for the most complete and current vulnerability analysis available."

By the way, I saw on their site that the Professional version of this package would cost a network administrator $2000.00, but you can download what looks to me the SAME package for FREE, if you use it on 10 or less machines. Sounds great, haven't checked it out personally yet though....


System
reply to Anon

Port detective is FREE, my company decided to go for it first. AWSPS is not free but is by far and large more comprehensive. Even in the trial version it has an amazingly huge set of tools. We are finding it very effective for chasing trojan horses.

said by techbc:
Thx for the hands-on treble.

Can you perhaps tell us why both?
Do they work in concert with each other?
If you were to purchase which would yield the greatest bang for the buck?


System
reply to RDionysus

RD that webtrends offer almost looks too good to be true--if it indeed does what it claims to be able to do and has a solid fix foundation--then we'd be all fools for not using it especially those that are either having or have had security issues to deal with!! What an offering I must admit!
Being the cautious sort, I'll wait to hear some feedback on its efficacy.

SO IF YOU HAVE EXPERIENCE WITH OR KNOWLEDGE ABOUT WEBTRENDS SECURITY ANALYZER

pls let us know!!



2kmaro
Think
Premium,ExMod 1 BC
join:2000-07-11
ColossalCave
kudos:1
reply to RDionysus

It would appear that the entire 12.2MB package is free for personal use. Here is the text of the 'Evaluation Agreement' from their download page, I bold-faced the part that makes it look like this is an Evaluation copy for some, a free-forever to others:
"Evaluation Limitations
This Software License only extends to use for personal use, by non-profit organizations, educational institutions or other tax-exempt organizations. Those users not included in the above categories are only granted a license to use this Software solely for purposes of demonstration, testing, and evaluation for 30 days– after which period you must either buy the software from WebTrends Corp or stop using it and remove it from your computer Installing this software constitutes your acceptance of the terms and conditions of the license agreement. Please read the license agreement before installation. Other rules and regulations of installing this software are:

The product can not be rented, loaned or leased - You are the sole owner of the product.
The customer shall not disclose the results of any benchmark test to any third party without WebTrends' prior written approval.
The customer will not publish reviews of the product without prior consent from WebTrends.
No liability for consequential damages. In no event shall WebTrends or its suppliers be liable to you for any consequential, special, incidental, or indirect damages of any kind arising out of the delivery, performance, or use of the software. Even if WebTrends has been advised of the possibility of such damages. In no event will WebTrends’ liability for any claim, whether in contract, tort, or any other theory of liability, exceed the license fee paid by you, if any. "

I read that first paragraph as "if you are an individual (or tax-exempt, or educational or non-profit org), you can keep it for as long as you want past the 30 day limit". If this lay person has interpreted it wrongly, won't one of you lawyer types please correct me?!:)



EmilioG
Whats This?
Premium
join:2000-09-19
New York, NY

I may be wrong 2K, but it doesn't look that way to me.
It looks like it has to be purchased. Hopefully the DSLR attorneys will step up?
--
Emilio

Its failings notwithstanding, there is much to be said in favor of journalism
in that by giving us the opinion of the uneducated, it keeps us in touch with
the ignorance of the community.
-- Oscar Wilde



Zhen-Xjell
Prolific Bunny
Premium,ExMod 2001-04
join:2000-10-08
Bordentown, NJ
reply to RDionysus

Very nice condensed list, I've "marked" it. Would get my thumbs up, but 0 votes left.
--
Previously known as "laudanp".



RDionysus

join:2000-10-03
Lindenhurst, NY

reply to EmilioG

The legalese section about "...30 days evaluation...free for personal use afterward, blah, blah, blah" that 2kMaro brought to light is actually mentioned in various locations on their website. I think this language is pretty clear:
www.webtrends.com/products/wsa/license.htm)

"The Ten System Edition - The Ten System Edition is for use within a single organization. It allows one copy of the Ten System Edition to scan up to 10 IPs within one subnet. This Software License only extends for personal use and for use by non-profit organizations, educational institutions or other tax-exempt organizations. Those users not included in the above categories are only granted a license to use this Software solely for purposes of demonstration, testing, and evaluation for 30 days. You may not transfer, lease, assign, sublicense, or distribute the Software or make it available for timesharing, service bureau or on-line use. "

In other words, if you DON'T fit into the category of "personal use" you would have to pay after 30 days.
It sounds to me that unless you're the I.T. guy at a corporation, you can use this product free; even after 30 days. Hey, it's reminiscent of ZoneAlarm--free for personal use, pay for business use....
Anyway, I downloaded the package, and I'm gonna start playing around with it sometime tomorrow. Not sure if this package is overkill, though, for my measly 1 computer network.

[text was edited by author 2001-01-07 06:01:12]

[text was edited by author 2001-01-07 06:01:52]


System

Go for the gusto RD I'll be right behind you--dont know how far though! lol
Kindly keep us informed of your discoveries--I have a feeling you might get pretty popular in the next few days!!

You got my vote today!!



jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
USA
kudos:24
Reviews:
·Cox HSI
·Speakeasy
reply to RDionysus

Geesh! Another program to think about. I only have 1 computer, if you call that a network, so I am not sure if it is something that I would need, but please post your responses to the product, in a separate thread, so others as well as myself are able to see how it has worked for you and how you like it.
--
JKK

Age is a very high price to pay for my maturity, so
if I can't stay young, I can at least stay immature!