[Dshield] Windoze Questions...

Jon R. Kibler Jon.Kibler at aset.com
Thu Feb 12 14:26:19 GMT 2004


As I have said several times before, I am not a Windows expert and we use few Windows machines in our shop. Thus, I have a few questions about Windows security from a Unix perspective.

  1) Are there programs equivalent to COPS and TripWire that run on Windows?
  2) Anyone running SNORT under Windows? Any comparison to how it runs under *nix?
  3) Does the most common AV software (Symantec, NAI, etc.) catch keystroke loggers and other spyware (not Adware!) that may be present and running on a Windows system?
  4) About the Windows encrypted file system... if someone gets Admin privilege on a system using the encrypted file system, can they disclose or compromise data that would normally be protected?
  5) When I search for products that detect adware installed on a Windows box, I get dozens of hits... is any given product better than another, or do you really need a combination of products to detect and stop all the various adware downloads in use?
  6) Finally, Windows firewalls... Is Zone Alarm still considered the best for Windows? What are the strengths and weaknesses of the firewall built into Win/XP?

TIA for all answers!

Jon R. Kibler
Chief Technical Officer
A.S.E.T., Inc.
Charleston, SC  USA
(843) 849-8214
