SecurityFocus Microsoft Newsletter #66
From: Marc Fossi (mfossi@securityfocus.com)Date: 12/27/01
- Previous message: Omar Koudsi: "RE: IE headers w patch level"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 26 Dec 2001 17:47:00 -0700 (MST) From: Marc Fossi <mfossi@securityfocus.com> To: Focus-MS <focus-ms@securityfocus.com>
SecurityFocus Microsoft Newsletter #66
--------------------------------------
This Issue is Sponsored by: Blackhat
Training and Security Conference Announcement Windows Security Briefings
and Training New Orleans 2002
The Black Hat Windows Security 2002 Briefings and Training will be held in
The Radisson Hotel New Orleans, New Orleans, LA from February 5-8, 2002.
Training: Feb 5-6, 2002 Briefings: Feb 7-8, 2002
Protect your assets from cyber intruders by attending the world's premier
technical event for Win2K, NT and .Net security experts. Receive insights
from 30 cutting edge security experts and "underground" security
specialists. Choose from 2 optional days and 4 tracks of intense hands-on
Windows security training, including a new NSA certification course
Network. Join hundreds of colleagues from around the world, and enjoy
Mardi Gras while you're here!
For updates and registration call +1.916.853.8555
Early Registration ends on January 1, 2002. For full conference details,
updates, and past speeches available for free, please go to
http://www.blackhat.com
-------------------------------------------------------------------------------
I. FRONT AND CENTER
1. Advertising Information
2. Using IPSec in Windows and XP, Part Two
3. Network Intrusion Detection Signatures, Part 1
4. Social Engineering Fundamentals, Part I: Hacker Tactics
5. Detecting the Software Switcheroo
II. MICROSOFT VULNERABILITY SUMMARY
1. Microsoft Internet Explorer XMLHTTP File Disclosure Vulnerability
2. Microsoft Windows XP Unauthorized Hotkey Program Execution...
III. MICROSOFT FOCUS LIST SUMMARY
1. question regarding SAM file / l0phtcrack / pwdump2 (Thread)
2. MS01-058 patch (Thread)
3. Taking control of ones machine (Thread)
4. NT4 Phantom user after rename (Thread)
5. urlscan configuration question (Thread)
6. Windows XP Update possible BUG [ Was: RE: RE: MS01-058 patch ]...
7. NTLM v2 implementation (Thread)
8. assigning folder rights (Thread)
9. Password complexity question in Win2k/AD (Thread)
10. VNC over SSH (Thread)
11. Multiple Remote Windows XP/ME/98 Vulnerabilities (Thread)
12. MS01-058/IE patch - why is it rated critical on servers?...
13. mac client password changes (Thread)
14. secure files (Thread)
15. SmoothWall 0.9.9 Problem (Thread)
16. ISAPI answer to "Microsoft IIS False Content-Length Field DoS...
17. Microsoft Security Bulletin MS01-058 (Thread)
18. Active Directory+IIS (Thread)
19. Print Queue (Thread)
20. Re : Microsoft IIS False Content-Length Field DoS...
21. FW: PC NETLINK (Thread)
22. Automating URLScan installation (Thread)
23. Re : Microsoft IIS False Content-Length Field DoS...
24. IIS Password Administration without IISADMPWD directory...
25. FW: Microsoft Security Notification Service (Thread)
26. SecurityFocus Microsoft Newsletter #65 (Thread)
27. Administrivia: Possible Infection (Thread)
28. rant on a Friday (Thread)
29. Blind penetration testing (Thread)
30. MSIE may download and run progams automatically - NOT SO FAST...
31. Antwort: AW: RE: strange exploit in Win2K server (Thread)
32. HFNetChk 3.3 Beta now available (Thread)
33. SQL Agent privileges (Thread)
34. Security software produced outside the US (Thread)
35. [RE: Microsoft .NET, ASP.NET, and IIS - any opinions?] (Thread)
36. Microsoft .NET, ASP.NET, and IIS - any opinions? (Thread)
37. Outlook + X-Mailer header ? (Thread)
38. strange exploit in Win2K server (Thread)
39. vpn woes (Thread)
IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
1. Retina
2. WinRoute Pro 4.0
3. NetFortress Remote
4. ICS Syslog Proxy for NT
V. NEW TOOLS FOR MICROSOFT PLATFORMS
1. pcInternet Patrol
2. SysOrb v2.0.1
3. IPFC v1.0
4. SpyCop v3.3
VI. SPONSORSHIP INFORMATION
I. FRONT AND CENTER
-------------------
1. Advertising Information
Reach the LARGEST audience of security professionals with SecurityFocus
direct e-marketing NOW!
SecurityFocus is the Web's most successful security intelligence site,
with more than 200,000 unique monthly visitors (September 2001), and
growing rapidly each week. Leverage the security portal of unrivaled
credibility and influence in your next direct marketing campaign.
To find out how SecurityFocus Web marketing and opt-in email newsletter
sponsorships can drive your company's success, contact us at
adsales@securityfocus.com, or download the Advertising Kit at
http://www.securityfocus.com/about/press/adverts.shtml. To speak directly
with a customer service representative, please call +1(650) 655-6350.
2. Using IPSec in Windows and XP, Part Two
by Chris Weber
This is the second part of a three-part series devoted to discussing the
technical details of using Internet Protocol Security (IPSec) in a Windows
2000 and XP environment. This article will discuss Security Associations,
main mode authentication and IKE, Quick Mode Authentication Headers and
ESP. We will also discuss some of the tools available in 2000 and XP.
http://www.securityfocus.com/infocus/1526
3. Network Intrusion Detection Signatures, Part 1
by Karen Frederick
This is the first in a series of articles on understanding and developing
signatures for network intrusion detection systems. In this article we
will discuss the basics of network IDS signatures and then take a closer
look at signatures that focus on IP, TCP, UDP and ICMP header values. Such
signatures ignore packet payloads and instead look for certain header
field values or combinations of values. By learning about network IDS
signatures, you’ll have more knowledge of how intrusion detection systems
operate, and you’ll have a better foundation to write your own IDS
signatures.
http://www.securityfocus.com/infocus/1524
4. Social Engineering Fundamentals, Part I: Hacker Tactics
by Sarah Granger
One morning a few years back, a group of strangers walked into a large
shipping firm and walked out with access to the firm’s entire corporate
network. How did they do it? By obtaining small amounts of access, bit by
bit, from a number of different employees in that firm. First, they did
research about the company for two days before even attempting to set foot
on the premises. For example, they learned key employees’ names by calling
HR. Next, they pretended to lose their key to the front door, and a man
let them in. Then they "lost" their identity badges when entering the
third floor secured area, smiled, and a friendly employee opened the door
for them.
http://www.securityfocus.com/infocus/1527
5. Detecting the Software Switcheroo
by Jon Lasser
It may be the next big thing in Trojan horse attacks: swapping bad code
for good code in transit. Fortunately, there's a defense
http://www.securityfocus.com/columnists/48
II. BUGTRAQ SUMMARY
-------------------
1. Microsoft Internet Explorer XMLHTTP File Disclosure Vulnerability
BugTraq ID: 3699
Remote: Yes
Date Published: Dec 15 2001 12:00A
Relevant URL:
http://www.securityfocus.com/bid/3699
Summary:
An issue exists in handling of HTTP redirects in the Microsoft XMLHTTP
ActiveX component.
When a server responds to a XMLHTTP request with a redirect, the XMLHTTP
method will access the content at the location of the redirect without
considering the URL protocol. If the redirect is to a file on the user's
filesystem, the contents of the file will become available to the script
code that invoked the ActiveX object.
The vulnerability is present when a request is made to a server via the
XMLHTTP methods 'XMLHTTP.Open()' and 'XMLHTTP.Send()', and the response is
a redirect such as this:
The URL has moved here
XMLHTTP will automatically follow the redirect, and read the contents of
the file in. The file contents are then accessible by the rest of the
script code as the request response property, and may be transmitted to
another website.
This could lead to a disclosure of sensitive information to remote
attackers.
2. Microsoft Windows XP Unauthorized Hotkey Program Execution Vulnerability
BugTraq ID: 3703
Remote: No
Date Published: Dec 17 2001 12:00A
Relevant URL:
http://www.securityfocus.com/bid/3703
Summary:
An issue exists on Windows XP which could allow for unauthorized users to
execute arbitrary programs on a locked workstation.
When a Windows XP system is left idle for a certain amount of time, by
design, the system locks requiring the user to enter authentication
information in order to unlock the workstation.
Reportedly, when a workstation is locked it is possible to initiate
programs residing on the system. This is accomplished through the use of
Hotkeys, depending on the Hotkey associated with a program, it can be
initiated by selecting the appropriate Hotkey combination.
Successful exploitation of this vulnerability will allow an unauthorized
user to utilize programs with the permissions of the originally logged in
user despite the console being 'locked'.
III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. question regarding SAM file / l0phtcrack / pwdump2 (Thread)
Relevant URL:
3.0.6.32.20011221005513.0081e6f0@mailandnews.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=3.0.6.32.20011221005513.0081e6f0@mailandnews.com&threads=1
2. MS01-058 patch (Thread)
Relevant URL:
aa.3c61acd.2954ac0c@aol.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=aa.3c61acd.2954ac0c@aol.com&threads=1
3. Taking control of ones machine (Thread)
Relevant URL:
4. NT4 Phantom user after rename (Thread)
Relevant URL:
5833B98BD25CB54B9896FFAE74780B244642@server1.Home.KnobbeITS.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=5833B98BD25CB54B9896FFAE74780B244642@server1.Home.KnobbeITS.com&threads=1
5. urlscan configuration question (Thread)
Relevant URL:
20011220204903.26624.qmail@mail.securityfocus.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=20011220204903.26624.qmail@mail.securityfocus.com&threads=1
6. Windows XP Update possible BUG [ Was: RE: RE: MS01-058 patch ] (Thread)
Relevant URL:
7. NTLM v2 implementation (Thread)
Relevant URL:
8. assigning folder rights (Thread)
Relevant URL:
9. Password complexity question in Win2k/AD (Thread)
Relevant URL:
DBC363EA37C5D311823A00508BCF2A6A09699931@seamail.ssofa.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=DBC363EA37C5D311823A00508BCF2A6A09699931@seamail.ssofa.com&threads=1
10. VNC over SSH (Thread)
Relevant URL:
20011220102026.31623.qmail@mail.securityfocus.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=20011220102026.31623.qmail@mail.securityfocus.com&threads=1
11. Multiple Remote Windows XP/ME/98 Vulnerabilities (Thread)
Relevant URL:
MKEAIJIPCGAHEFEJGDOCMEOBDEAA.marc@eeye.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=MKEAIJIPCGAHEFEJGDOCMEOBDEAA.marc@eeye.com&threads=1
12. MS01-058/IE patch - why is it rated critical on servers? (Thread)
Relevant URL:
c503a8c0@waw.getin.pl&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=005001c18936$d0b3d410$c503a8c0@waw.getin.pl&threads=1
13. mac client password changes (Thread)
Relevant URL:
A186CEEEC0C2D31193640008C71E61350FAECF@mailhost.lacewood.co.uk&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=A186CEEEC0C2D31193640008C71E61350FAECF@mailhost.lacewood.co.uk&threads=1
14. secure files (Thread)
Relevant URL:
15. SmoothWall 0.9.9 Problem (Thread)
Relevant URL:
EBEKIPJCIAPMGAMINGHHIEAADCAA.andrewk@spray-quip.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=EBEKIPJCIAPMGAMINGHHIEAADCAA.andrewk@spray-quip.com&threads=1
16. ISAPI answer to "Microsoft IIS False Content-Length Field DoS Vulnerability" ? (Thread)
Relevant URL:
243C47087E9A9E4A86A2650B4E454EC198DD@globalsis1.globalsis.com.ar&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=243C47087E9A9E4A86A2650B4E454EC198DD@globalsis1.globalsis.com.ar&threads=1
17. Microsoft Security Bulletin MS01-058 (Thread)
Relevant URL:
c503a8c0@waw.getin.pl&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=029f01c187bd$0ab9ec10$c503a8c0@waw.getin.pl&threads=1
18. Active Directory+IIS (Thread)
Relevant URL:
0393D629EEDEC246956A0F2CEBF8F83B01E24D@njmail1.dbma.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=0393D629EEDEC246956A0F2CEBF8F83B01E24D@njmail1.dbma.com&threads=1
19. Print Queue (Thread)
Relevant URL:
MPBBJJHAAKGMHBNIPKGFOEKODHAA.sysadmin@fortune800.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=MPBBJJHAAKGMHBNIPKGFOEKODHAA.sysadmin@fortune800.com&threads=1
20. Re : Microsoft IIS False Content-Length Field DoS Vulnerability (Thread)
Relevant URL:
21. FW: PC NETLINK (Thread)
Relevant URL:
22. Automating URLScan installation (Thread)
Relevant URL:
5DFDA65A902AD411B5C80020352A82980503552C@se001031.rbc1.royalbank.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=5DFDA65A902AD411B5C80020352A82980503552C@se001031.rbc1.royalbank.com&threads=1
23. Re : Microsoft IIS False Content-Length Field DoS Vulnerabili ty (Thread)
Relevant URL:
24. IIS Password Administration without IISADMPWD directory (Thread)
Relevant URL:
20011217162016.18227.qmail@mail.securityfocus.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=20011217162016.18227.qmail@mail.securityfocus.com&threads=1
25. FW: Microsoft Security Notification Service (Thread)
Relevant URL:
BB7FD4FF9E440648A731452E5D341FB0C66235@hitsexchange01.advance-med.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=BB7FD4FF9E440648A731452E5D341FB0C66235@hitsexchange01.advance-med.com&threads=1
26. SecurityFocus Microsoft Newsletter #65 (Thread)
Relevant URL:
Pine.GSO.4.30.0112171525290.23418-100000@mail.securityfocus.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=Pine.GSO.4.30.0112171525290.23418-100000@mail.securityfocus.com&threads=1
27. Administrivia: Possible Infection (Thread)
Relevant URL:
Pine.GSO.4.30.0112171340560.21315-100000@mail.securityfocus.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=Pine.GSO.4.30.0112171340560.21315-100000@mail.securityfocus.com&threads=1
28. rant on a Friday (Thread)
Relevant URL:
Pine.GSO.4.30.0112171053250.3348-100000@mail.securityfocus.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=Pine.GSO.4.30.0112171053250.3348-100000@mail.securityfocus.com&threads=1
29. Blind penetration testing (Thread)
Relevant URL:
NEBBJAILALHBJPGFGKEPAECDCFAA.marty@kesem.net&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=NEBBJAILALHBJPGFGKEPAECDCFAA.marty@kesem.net&threads=1
30. MSIE may download and run progams automatically - NOT SO FAST (Thread)
Relevant URL:
31. Antwort: AW: RE: strange exploit in Win2K server (Thread)
Relevant URL:
32. HFNetChk 3.3 Beta now available (Thread)
Relevant URL:
C3729BBB6099B344834634EC67DE4AE10382307E@red-msg-01.redmond.corp.microsoft.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=C3729BBB6099B344834634EC67DE4AE10382307E@red-msg-01.redmond.corp.microsoft.com&threads=1
33. SQL Agent privileges (Thread)
Relevant URL:
GHEGKEPDEHBCJCAIIMKAEEBBCEAA.sypox@swip.net&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=GHEGKEPDEHBCJCAIIMKAEEBBCEAA.sypox@swip.net&threads=1
34. Security software produced outside the US (Thread)
Relevant URL:
6517C958AA87D111979E00A0C955A6870137A805@tidalwave.nrlssc.navy.mil&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=6517C958AA87D111979E00A0C955A6870137A805@tidalwave.nrlssc.navy.mil&threads=1
35. [RE: Microsoft .NET, ASP.NET, and IIS - any opinions?] (Thread)
Relevant URL:
EFA9044969BFD111BFBE00805F0D78060445C24B@ral-po01.bbtnet.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=EFA9044969BFD111BFBE00805F0D78060445C24B@ral-po01.bbtnet.com&threads=1
36. Microsoft .NET, ASP.NET, and IIS - any opinions? (Thread)
Relevant URL:
CDEBAB5BBFE0024AABEAF438FB2A4D07013801AA@exgau100qsm00.oceania.corp.anz.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=CDEBAB5BBFE0024AABEAF438FB2A4D07013801AA@exgau100qsm00.oceania.corp.anz.com&threads=1
37. Outlook + X-Mailer header ? (Thread)
Relevant URL:
38. strange exploit in Win2K server (Thread)
Relevant URL:
F153LcjTOYEU19TelvJ000039e7@hotmail.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=F153LcjTOYEU19TelvJ000039e7@hotmail.com&threads=1
39. vpn woes (Thread)
Relevant URL:
MJEDJGHGDPCEOOBMAFJOAECCCDAA.c.vittek@home.com&threads=1">http://www.securityfocus.com/cgi-bin/archive.pl?id=88&mid=MJEDJGHGDPCEOOBMAFJOAECCCDAA.c.vittek@home.com&threads=1
IV.NEW PRODUCTS FOR MICROSOFT PLATFORMS
----------------------------------------
1. Retina
by eEye
Platforms: Windows 95/98, Windows NT
Relevant URL:
http://www.eeye.com/html/Products/Retina/index.html
Summary:
This latest version of Retina takes a giant step forward from version 2.0.
Retina 3.0 includes the addition of hundreds of new vulnerability checks
and a re-write of the scanning engine, to make Retina the fastest Network
Security Scanner on the market. Features include: * CHAMTM (Common Hacking
Attack Methods) modules. Utilizes sophisticated Artificial Intelligence
components that allow it to think like a hacker. * Fix-ItTM technology.
Provides the network administrator the ability to remotely detect and
correct system security vulnerabilities. Retina is a network security
scanner and monitor. It helps discover and fix all known security
vulnerabilities on your Internet, Intranet and extranet systems. Retina
includes easy to navigate reporting tools to help you prioritize and
isolate high priority fixes. Adaptive Scanning Logic. There are various
other network auditing tools out there. However, most of them are lacking
in features and real world security auditing. Retina on the other hand is
designed to work like a human network security analyst. AI logic is built
in to handle "What If" and "In Case" scenarios. Open Architecture with
Plug-in Modules. Retina works with plug-in modules. Modules can be written
in any programming language. This means you can write your own network
specific test routines and incorporate them into the full auditing
procedure, including your own warnings, alerts and actions.
2. WinRoute Pro 4.0
by Tiny Software
Platforms: Windows 95/98, Windows NT
Relevant URL:
http://www.tinysoftware.com/v40.html
Summary:
WinRoute Pro is the ultimate Internet Router - Firewall software making it
virtually effortless to set all of the computers in your network up to
share a single Internet connection! Connect through a dial-up line, DSL,
ISDN or Cable, leased line or DirecPC. It's that easy! NOW in version 4.0
- remote administration, detailed logging info and low level driver
improvements. Tiny Software is proud to announce Winroute Pro 4.0, the
first of its class with Remote Administration for all of your networks. In
addition to the numerous features WinRoute includes, such as Firewall,
DHCP, DNS, Mail Server, Proxy, Advanced Packet filtering, Security and
NAT, version Pro 4.0 now allows the NEW advanced features: Secure Remote
Administration and Remote Reporting and System Logs
3. NetFortress Remote
by Fortress Technologies
Platforms: Windows 95/98, Windows NT, Windows 2000
Relevant URL:
http://www.fortresstech.com/remote.html
Summary:
The NetFortress Remote safely and easily extends your secure business
network to remote workers and telecommuters in a simplified, cost
effective and secure manner. The NetFortress Remote works with the
NetFortress Classic and M-Series to build secure tunnels through the
Internet so sensitive information can be transmitted with complete
confidentiality. The NetFortress Remote can also operate in a corporate
environment to secure internal data communications on a LAN or WAN.
Whether the NetFortress Remote is used for internal or remote access, this
client transparently encrypts and authenticates all pertinent data to
protect against eavesdropping and data tampering.
4. ICS Syslog Proxy for NT
by Integrated Computer Solutions, Inc.
Platforms: Windows NT
Relevant URL:
http://www.integrate-u.com/icsSPNT.asp?page=1
Summary:
ICS Syslog Proxy for NT seamlessly integrates the Windows NT logs into the
Unix syslog, allowing you to use the existing event auditing tools you
have in place on your Unix platforms to monitor your NT resources.
V. NEW TOOLS FOR MICROSOFT PLATFORMS
------------------------------------
1. pcInternet Patrol
by Internet Security Alliance
Relevant URL:
http://www.isa-llc.com/downloads/pcip.php
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary:
pcInternet Patrol maximizes protection with minimum user involvement This
product finds 6 times more potentially dangerous programs/modules than
other leading personal firewalls. Other features are:
- Stops all intruder programs both known and unknown;
- Users always have the latest programs definition without the need for an
update;
- Keeps you and your computer out of harms way, without getting in your
way;
- Cannot be disabled by an intruder without alerting user or
administrator;
- Activates Intruder tracking to trace IP address of intruder for possible
apprehension;
- Continuously monitors the state of the NETBIOS ports, the first entry
target for intruders;
- Help with security issues in real time!
2. SysOrb v2.0.1
by oestergaard
Relevant URL:
http://www.sysorb.com/
Platforms: FreeBSD, Linux, Solaris, SunOS, Windows 2000, Windows NT
Summary:
SysOrb is a client/server package that can monitor servers remotely (such
as Web servers), or monitor devices on servers (such as disks, memory,
load, etc.). It will alert the administrators via e-mail or pager if a
server is entering a critical condition, and has its own database backend,
allowing for massive collection of system statistics.
3. IPFC v1.0
by Tycho Fruru
Relevant URL:
http://www.conostix.com/ipfc/
Platforms: UNIX, Windows 2000, Windows NT, Windows XP
Summary:
IPFC is software and a framework to manage and monitor multiple types of
security modules across a global network. Security modules can be as
diverse as packet filters (like netfilter, pf, ipfw, IP Filter, checkpoint
FW1, etc.), NIDS (Snort, arpwatch, etc.), Web servers, and other general
devices (from servers to embedded devices). It features log collection for
different security "agents", dynamic log correlation possibilities, and
easy extensibility due to the generic database and XML message formats
used.
4. SpyCop v3.3
by Kevin Miles
Relevant URL:
www.spycop.com
Platforms: Windows 2000, Windows 95/98, Windows XP
Summary:
This trial version will search the first 200 files it randomly finds on
your system for spy software in order to test compatibility. The trial
version does not provide a definitive answer as to whether your system
contains spy software. When the trial version finishes its scan, it will
tell you whether spy software was found in the 200 files it scanned. If
you have 5000 files on your system, the other 4800 files will not be
scanned at all.
SpyCop was designed to find computer monitoring spy programs, and is the
most powerful solution available anywhere for doing so. If you wish to
search your entire system for any of the such spy programs, you must
purchase the full version of SpyCop.
VI. SPONSORSHIP INFORMATION
---------------------------
This Issue is Sponsored by: Blackhat
Training and Security Conference Announcement Windows Security Briefings
and Training New Orleans 2002
The Black Hat Windows Security 2002 Briefings and Training will be held in
The Radisson Hotel New Orleans, New Orleans, LA from February 5-8, 2002.
Training: Feb 5-6, 2002 Briefings: Feb 7-8, 2002
Protect your assets from cyber intruders by attending the world's premier
technical event for Win2K, NT and .Net security experts. Receive insights
from 30 cutting edge security experts and "underground" security
specialists. Choose from 2 optional days and 4 tracks of intense hands-on
Windows security training, including a new NSA certification course
Network. Join hundreds of colleagues from around the world, and enjoy
Mardi Gras while you're here!
For updates and registration call +1.916.853.8555
Early Registration ends on January 1, 2002. For full conference details,
updates, and past speeches available for free, please go to
http://www.blackhat.com
-------------------------------------------------------------------------------
- Previous message: Omar Koudsi: "RE: IE headers w patch level"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
