[Dshield] [OT] Naughty File Detector

Peter Stendahl-Juvonen peter.stendahl-juvonen at welho.com
Mon Oct 6 19:11:38 GMT 2003


list-bounces at dshield.org <mailto:list-bounces at dshield.org> wrote on
Thursday, October 02, 2003 2:44 PM: on behalf of: Carl Inglis
[wyrdrune at yoshiwara.org.uk]

| I'm going to be starting a new job in the near future, and one of the
| things which I'm going to be responsible for is the security policy. I
| want to ban P2P programs, but from what I understand of the protocols
| they are capable of port-hopping, and can even land on port 80.
| 
| I'm looking for a program which I can use to scan remote hard drives
| looking for the executables. Perhaps using an MD5 checksum to
| identify the files? (Since people can change the file names).
| 
| I've found Browse Control from CodeWork, and that looks quite
| interesting, but I'd appreciate the thoughts of others.
| 
| Thanks,
| 
| Carl
| --


Carl et al.

If you additionally needed a complementary product that detects,
quarantines and removes various non-viral Malware (Spyware, Trojans,
Adware, Keyloggers, Hacker Tools, DDoS Zombies) and were willing to
consider a commercial, proprietary program and non-open-source approach,
perhaps you would like to consider, e.g. PestPatrol from PestPatrol,
Inc., which might help you with the challenge you seem to face.

The product comes in three editions. Please find more information:

PestPatrol(tm) Home User Edition
at: http://www.pestpatrol.com/pestpatrolhe/

PestPatrol(tm) for Small Business
at: http://www.pestpatrol.com/pestpatrolsbe/

PestPatrol(tm) Corporate Edition
at: http://www.pestpatrol.com/pestpatrolce/


According to the vendor, at http://www.pestpatrol.com/PestPatrolCE/ 

"PestPatrol Corporate Edition (CE) provides a comprehensive solution to
the threat that hacker tools, trojan horses, key loggers,
denial-of-service attack agents, and spyware pose to corporate
networks."

"PestPatrol Corporate Edition was introduced in February 2002 and adds
support for login scripts, scheduling, centralized logging and updating,
as well as integration with a range of complementary third-party
security solutions."

PestPatrol presumably detects and removes, e.g. the following P2P
programs:

. Morpheus
. Morpheus 1.9
. BearShare
. KaZaA
. LimeWire
. Grokster
. Kazoom
. XoloX
. Morpheus 2.0
. WinMX
. Blubster
. E-Mule
. Gnucleus
. KaZaa Lite
. Shareaza
. Swaptor
. Overnet 0.46
. Morpheus 3.1 .

Have experience only with the PestPatrol(tm) Home User Edition and the
company itself. If memory serves me well I bought a license for the
product around December 2001 and have used the product ever since.

In my experience, both the company and the product have developed
significantly. In my (short and unofficial) listing, the company ranks
as the number one company when it comes to responsiveness at customer
requests. 

>From time to time, you can buy a license for this product bundled with
other security or privacy related products.


Best of luck with your new job and the approach you choose,
Peter


       "He that never changes his opinions, never corrects his mistakes,

            and will never be wiser on the morrow than he is today". 
             Tryon Edwards (1809-1895); US author, lexicographer.





More information about the list mailing list