Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

RE: IE Malware / Spyware Control Methods

From: k levinson <levinson_k () yahoo com>
Date: Wed, 12 Jan 2005 08:22:17 -0800 (PST)
-----Original Message-----
From: Bernie Cosell [mailto:bernie () fantasyfarm com] 



Meta question: does anyone know if [and if so, how]

to use 

the security 
auditing machinery to figure out what a program

needs? 

I think most people either enable NTFS file and
registry auditing:

http://securityadmin.info/faq.asp#auditing

... or use tools like regmon, file mon and process
explorer from www.sysinternals.com.

To make this all easier, Microsoft is working on the
Application Verifier / LUA Privilege Predictor:

http://www.microsoft.com/technet/security/secnews/articles/sec_tools_for_appverifier.mspx

I think enabling auditing may be a little trickier to
enable on XP Home, as checkboxes for some security
features have been crippled in the GUI, requiring
special measures.

regards,

karl levinson
http://securityadmin.info




                
__________________________________ 
Do you Yahoo!? 
Read only the mail you want - Yahoo! Mail SpamGuard. 
http://promotions.yahoo.com/new_mail
Previous By Date Next
Previous By Thread Next

Current thread: