[Dshield] Windoze Questions...

Bob Savage bsavage at rnr-inc.com
Thu Feb 12 18:14:57 GMT 2004


Jon,

(5) Both Adaware and SpyBot Search and Destroy, IMHO, are excellent products.  I use both, but rarely find that one catches something the other did not.

(6) Also IMHO Zone Alarm is the best firewall for individual users.  The built-in firewall in XP is also good but I like using ZA a little better.  I think it's easier to configure.  On my own machine at home I've often had both turned on.   A few months ago I added a router/firewall and since then neither one of them has had much to look at.

I'll be really interested in others' comments, particularly on questions (1) through (4)!

Bob Savage

-----Original Message-----
From: Jon R. Kibler [mailto:Jon.Kibler at aset.com]
Sent: Thursday, February 12, 2004 8:26 AM
To: list at dshield.org
Subject: [Dshield] Windoze Questions...


Greetings,

As I have said several times before, I am not a windows expert and we use few windows machines in our shop. Thus, I have a few questions about Windows security from a Unix perspective.

Questions:
  1) Are there programs equivalent to COPS and TripWire that run on Windows?
  2) Anyone running SNORT under Windows? Any comparison to how it runs under *nix?
  3) Does the most common AV software (Symantec, NAI, etc.) catch keystroke loggers and other spyware (not Adware!) that may be present and running on a Windows system?
  4) About the Windows encrypted file system... if someone gets Admin privilege on a system using the encrypted file system, can they disclose or compromise data that would normally be protected?
  5) When I search for products that detect adware installed on a Windows box, I get dozens of hits... is any given product better than another, or do you really need a combination of products to detect and stop all the various adware downloads in use?
  6) Finally, windows firewalls... Is Zone Alarm still considered the best for Windows? What are the strengths and weaknesses of the firewall built into Win/XP?

TIA for all answers!

-- 
Jon R. Kibler
Chief Technical Officer
A.S.E.T., Inc.
Charleston, SC  USA
(843) 849-8214



