Re: Languard

From: karl [x y] (jamescagney90210@excite.com)
Date: 08/03/02 

From: "karl [x y]" <jamescagney90210@excite.com>
Date: Fri, 2 Aug 2002 19:50:27 -0400

That Languard scanner is a good tool, but I'm not sure it was the tool I had
in mind. The file integrity checker [last time I looked] is hidden under
the "Languard White Paper" section.

Seems to me they also had a trojan scanner somewhere there as well. The
trojan scanner is described at www.sunbelt-software.com and there might be
a free trial download there as well. Or you might make it easy on yourself
and try the www.pestpatrol.com scanner instead, though their free download
scanner might be limited in function.

If you were hacked after installing all the Microsoft patches and installing
Norton, I'm guessing you also need to change the IIS settings by using
IISlockdown including URLscan and also going through the
www.microsoft.com/security IIS and Windows security checklists. If someone
is locking out your Windows password, then I'm guessing you also may not
have a firewall, because Windows networking traffic should not be able to
reach your server.

I can see from looking at your Fport results that you've got the following
services running that should be disabled [unless you need them]: SMTP mail
service, Telnet server, Terminal Services, and SNMP.

I'd also check into that file \??\C:\WINNT\system32\winlogon.exe mentioned
in the Fport results. I can't tell from here whether it is legitimate or
not. I might also suggest downloading the Forensic Toolkit from
foundstone.com and run sfind.exe [e.g. sfind c: ] to search for hidden file
streams.

"Essary" <essaryj@yahoo.com> wrote in message
news:022e01c23a51$79a45510$9be62ecf@tkmsftngxa03...

>-----Original Message-----

Relevant Pages

  • Re: backdoor.trojan
    ... some of the files were in use/protected that the scanner simply ... And when I ran it in safe mode, since the windows that I have which is ... FireWall to allow it to download the needed AV vendor related files. ... Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC. ...
    (microsoft.public.security.virus)
  • Re: Microsoft or virus?
    ... | Windows XP Home edition with SP 2 and windows Internet Explorer 7. ... I suggest scanning the system in Safe Mode. ... FireWall to allow it to download the needed AV vendor related files. ... needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key ...
    (microsoft.public.security)
  • Microsoft security downloads screwed up scanner program
    ... I went to the microsoft download center and downloaded ... As soon as I did that, my scanner program stopped ... however, scan when I go into windows, system and double ...
    (microsoft.public.security)
  • Re: Scanning XP computer over the local network
    ... The normal Windows dialogue box for sharing does not ... FireWall to allow it to download the needed AV vendor related files. ... This will bring up the initial menu of choices and should be executed in Normal Mode. ... needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key ...
    (alt.comp.anti-virus)
  • Re: Not there
    ... They were able to get back and save all the data and everything but my scanner seem to be working okay. ... in the Add/Remove programs, remove it, that is very likely a corrupted install. ... Tick Download drivers and software. ... Do not get the Update you do not need it for Windows 98 SE. ...
    (comp.periphs.scanners)