Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: MS binary integrity baseline

from [Harlan Carvey] Network Security [Permanent Link]
Subject: Re: MS binary integrity baseline
Date: Thu, 19 Aug 2004 03:27:48 -0700 (PDT) 
Chris,
 

Is there anything that performs binary integrity
checks for Windows OS such 
as  rpm does for Redhat or apt does for Debian?


Sure...Windows File Protection.


I want something that will check Windows binaries
against a trusted source - 
MS site, install cd, etc so that I can determine
integrity baselines of 
current production systems before deploying an
integrity checking application.


Baselines of what?  All files?  Or only system files? 
Besides WFP, there are commercial products like
Tripwire.  

In addition, it's pretty trivial to roll your own in
Perl.  My web site
(http://patriot.net/~carvdawg/perl.html) has example
code you can use quite easily, and my book
(http://www.windows-ir.com) also includes some of the
same code.


I would have thought that this would be something
Microsoft would provide, but have not seen anything.


Well, depending on what it is you're looking for
exactly, maybe they already did.  But then, if they
didn't provide something to meet *you're* specific
needs, then what they've done is open up an economy by
allowing someone to provide such a thing.

---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  MS binary integrity baseline, Chris Conacher
Next by Date:  Re: MS binary integrity baseline, Mark Burnett
Previous by Thread:  MS binary integrity baseline, Chris Conacher
Next by Thread:  Re: MS binary integrity baseline, Mark Burnett
Indexes:  [Date] [Thread] [Top] [All Lists]