Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Best spyware program

from [Bill Stout] Network Security [Permanent Link]
Subject: RE: Best spyware program
Date: Fri, 22 Jul 2005 11:06:46 -0700 


From what your asking, I understand that you want to test the

effectiveness of the anti-spyware program.

This is the browser-based test I use for our software.  I've found that
McAfee and MS AntiSpyware are the best at alerting you of immediate
threats.  

##Note: I've purposefully broken the links in this message by adding
spaces after the first dot.  Do not repair the links and hit these sites
without antivirus and antispyware protection.  Although our software
will pass the tests below, using other AV or AS protections will result
in infection.  I recommend using a 'scratch' system to test your
software. ###

1. Scan system for infections with test program

2. Disable Windows XP System Restore [Start -> Programs -> Accessories
-> System Tools -> System Restore].  Note: Windows System Restore will
restore viruses and Trojans removed by AV and AS programs!

3. With the software protection enabled, install spyware from these
sites:
Gator - http://www. gator.com/home2.html
Hotbar - http://www. hotbar.com/
Ezula - http://www. ezula.com/
Cydoor - http://www. cydoor.com/Cydoor/
SaveNow - http://www. whenu.com/about_savenow.html
CoolWebSearch (Please email me with current site)
Altnet - http://www. altnet.com/tech/peer.asp
BargainBuddy - http://www. limewire.com/english/content/home.shtml
BargainBuddy - http://web. net2phone.com/consumer/commcenter/

4. Scan system for infections with program of your choice - No traces
should be found
Note: I've found that free versions of AntiSpyware (e.g.; Ad-Aware) do
not detect or protect as much as paid versions (Ad-Aware Pro).  I've
noticed a big difference in detected and cleaned threats between free
and 'Pro'.
5. Remove infections if protection failed
6. Reboot
7. Scan system for infections with program of your choice - No traces
should be found

Repeat the above, but this time run through a set of online exploits for
step 3:
Exploit Codebase.Gen - http://sec.
drorshalev.com/dev/iehk/Vulnerabilities/Security%20Zones/Introduction/co
debase.html
Exploit MIME gen.exe - http://sec.
drorshalev.com/dev/iehk/Vulnerabilities/Content%20types/Execution/autoex
ec.eml
VBS Inor - http://sec.
drorshalev.com/dev/iehk/Vulnerabilities/Content%20types/Spoofing/example
2.mhtml
Exploit XPHelpDelete - http://sec.
drorshalev.com/dev/helpsupport/login.htm
JavaScript Downloader-FU http://www.
safecenter.net/UMBRELLAWEBV4/1stCleanRc/1stCleanRc-Demo/index.html
Exploit ContentType - http://sec.
drorshalev.com/dev/iehk/Vulnerabilities/Content%20types/Spoofing/example
1.mhtml
JavaScript AX/Runner - http://www.
halcyon.com/mclain/ActiveX/Runner/welcome.html
JavaScript Exploit DialogExp - http://sec.
drorshalev.com/dev/styleAttack/LarumWay.htm
JavaScript Exploit FormPaste - http://sec.
drorshalev.com/dev/localfiles/
JavaScript Exploit OVC.demo - http://sec. drorshalev.com/dev/officeXP/
Exploit AutoScanJPU - http://umbrella.
name/originalvuln/msie/AutoScanJPU/AutoScanJPU-MyPage.htm
Exploit viaSWFurl - http://umbrella.
name/originalvuln/msie/viaSWFurl/viaSWFurl-MyPage.htm
Exploit AutoScanJPU - http://umbrella.
name/originalvuln/msie/AutoScanJPU/AutoScanJPU-MyPage.htm
Exploit WsBASEjpu - http://umbrella.
name/originalvuln/msie/WsBASEjpu/WsBASEjpu-MyPage.htm 
Bad Parent http://umbrella.
name/originalvuln/msie/BadParent/BadParent-MyPage.htm
BodyRefreshLoadsJPU - http://umbrella.
name/originalvuln/msie/BodyRefreshLoadsJPU/BodyRefreshLoadsJPU-MyPage.ht
m 
HijackClick - http://umbrella.
name/originalvuln/msie/HijackClick/HijackClick-MyPage.HTM
http://umbrella.
name/originalvuln/msie/HijackClick/HijackClick2-MyPage.HTM 

4. Scan system for infections with program of your choice - No traces
should be found
5. Remove infections if protection failed
6. Reboot
7. Scan system for infections with program of your choice - No traces
should be found

Bill Stout
www.greenborder.com 


-----Original Message-----
From: Bapodara, Shyamal [mailto:Shyamal.Bapodara@earthtech.com] 
Sent: Wednesday, July 20, 2005 10:21 AM
To: security-basics@lists.securityfocus.com
Subject: Best spyware program

Hello Team
I do like to test different so called "free"  software available online.
What is the best to test if they don't have any spyware in it once it is
installed?
What will be the best way to test these with out compromising my system?
Thanks
Shyamal


This e-mail is intended to be delivered only to the named addressee(s)
and
may contain information that is confidential and proprietary.  If this
information is received by anyone other than the named addressee(s), the
recipient(s) should immediately notify the sender by e-mail and promptly
delete the transmitted material from your computer and server.  In no
event
shall this material be read, used, stored, or retained by anyone other
than
the named addressee(s) without the express written consent of the sender
or
the named addressee(s).
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: ftp server windows, Me Unnamed
Next by Date:  Hardware Traffic Analyzer, Paul Ryan
Previous by Thread:  MS not buying Gator, er, Claria after all, Dave Aronson
Next by Thread:  Re: Best spyware program, McLain Causey
Indexes:  [Date] [Thread] [Top] [All Lists]