Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Virus
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Playing with Viruses on windows

from [Castigliola, Angelo] Network Security [Permanent Link]
Subject: RE: Playing with Viruses on windows
Date: Wed, 11 Aug 2004 12:12:57 -0400 
VMWare is a really good idea. Filemon and Regmon is a must along with your 
favorite packet sniffer.

Angelo Castigliola III
Operations Technical Analyst I
UnumProvident IT Services
207.575.3820
 

-----Original Message-----
From: Altheide, Cory B. (IARC) [mailto:AltheideC@nv.doe.gov] 
Sent: Tuesday, August 10, 2004 3:14 PM
To: 'Cedric Foll'; focus-virus@securityfocus.com
Subject: RE: Playing with Viruses on windows


-----Original Message-----
From: Cedric Foll [mailto:cedric.foll@ac-rouen.fr] 
Sent: Tuesday, August 10, 2004 7:56 AM
To: focus-virus@securityfocus.com
Subject: Playing with Viruses on windows

Hi,

I would like to now if anyone knows good tools to play with 
w32 viruses. The idea would be to run it in a sandbox and 
trace all action the virus try to do and can say 'yes' or 
'no'. Something like 'The program try to write XXX in the 
registry, are you agree ?', 'It open a socket, is it ok ?', 
'it tries to open this file with W access'. I can do 
something quite similar with VMWARE and Kerio but I would 
like to have something with more information (like a (x)trace 
on Unix) and more interactive.

Regards.

--
Cedric Foll
Ingénieur réseaux et sécurité
Rectorat de Rouen


http://home.t-online.de/home/Ollydbg/

-- Cory
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Playing with Viruses on windows, Altheide, Cory B. (IARC)
Next by Date:  RE: Microsoft mydoom removal tool via SUS, Eric McCarty
Previous by Thread:  RE: Playing with Viruses on windows, Altheide, Cory B. (IARC)
Next by Thread:  Re: Playing with Viruses on windows, Ismael Briones
Indexes:  [Date] [Thread] [Top] [All Lists]