|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: [Full-Disclosure] Registry Watcher
From: Aditya, ALD [Aditya Lalit Deshmukh] (aditya.deshmukh
online.gateway.technolabs.net)
Date: Sat May 08 2004 - 23:05:18 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
>> the common installation inserts and all programs have values that must be
>> inserted. If a "watcher" would have a data base to follow and any odd or
>> uncommon entries could be flagged. As far as I know all newly found viruses
>> insert registry entries and these could be placed in a data base that would
>> cause registry to deny and flag.
> viruses generally attack registry first because most of the application including
> os use registry for running properly.. so registry is the favorite target. but
> a virus can do much harm without changing registry also.
hey for this sort of thing i use a program called as proport, it watches all the autostart up registry entries and alerts u when any new program is added to it. this program sits in the system tray so it is not obstrusive download it from www.tudpage.com u dont want regmon but proport for this sort of thing
-aditya
________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]