[Dshield] Software Inventory?

John Hardin johnh at aproposretail.com
Fri May 17 16:33:35 GMT 2002


On Thu, 2002-05-16 at 15:24, Wayne Beckham wrote:
> Does anyone have a useful procedure or tool for
> auditing a machine to determine if there is common
> hacker software loaded on it?
> 
> We've recently had an individual who was caught
> D/L'ing PWDUMP, L0Phat, the usual and my manager wants
> the whole division audited.  
> 
> It's actually too late, the word is already out that
> we're looking for hacks, but it would still be useful
> to know the future.

BSA has a software audit tool that's available in time-limited form for
free.

       http://www.bsa.org/usa/freetools/gasp

It's a version of "GASP" from http://www.attest.com/ - Attest also
offers an eval version on their website.

It's not specific to trojans, et. al. but it may be useful as it's
designed to collect and report on multiple systems.

Most current AV software should have signatures for trojans and such.

AdAware might help.

-- 
John Hardin                                   <johnh at aproposretail.com>
Internal Systems Administrator                    voice: (425) 672-1304
Apropos Retail Management Systems, Inc.             fax: (425) 672-0192
-----------------------------------------------------------------------
  In the Lion
  the Mighty Lion
  the Zebra sleeps tonight...
  Dee de-ee-ee-ee-ee de de de we um umma way!
-----------------------------------------------------------------------
 61 days until Apropos Forum 2002




More information about the list mailing list