Verifying the integrity of the computer

Hello,

I recall seeing a thread on how to secure a computer. I have Win2000 pc
and looking to make sure it's secure. I have Norton Anti Virus, Spybot and
Ad-Aware. But I'm not sure if these programs would detect keystroke loggers
or someother hacker programs.
I did notice once - I had a message in my outbox in Outlook express and as
soon
as I connected my network cable - message got send. I tried to look at the
sent log
and there was no record of this message. So now I'm a little paranoid - not
sure
if there is some program sending information out my system without my
knowledge.

Any pointers on verifying the integrity of the system would be much
appreciated.
I would rather not reinstall the entire system - because I have too many
programs I would
need to reinstall.

Thanks
JS

Joseph

You did not mention a firewall, are you using one? With a good firewall only
applications you approve can send anything out.

--

************************************************

g-w


"Joseph" <> wrote in message
news:d0fRb.4085$.. .
> Hello,
>
> I recall seeing a thread on how to secure a computer. I have Win2000 pc
> and looking to make sure it's secure. I have Norton Anti Virus, Spybot and
> Ad-Aware. But I'm not sure if these programs would detect keystroke
loggers
> or someother hacker programs.
> I did notice once - I had a message in my outbox in Outlook express and as
> soon
> as I connected my network cable - message got send. I tried to look at the
> sent log
> and there was no record of this message. So now I'm a little paranoid -
not
> sure
> if there is some program sending information out my system without my
> knowledge.
>
> Any pointers on verifying the integrity of the system would be much
> appreciated.
> I would rather not reinstall the entire system - because I have too many
> programs I would
> need to reinstall.
>
> Thanks
> JS
>
>

"Joseph" <> wrote in message
news:d0fRb.4085$.. .
> Hello,
>
> I recall seeing a thread on how to secure a computer. I have Win2000 pc
> and looking to make sure it's secure. I have Norton Anti Virus, Spybot and
> Ad-Aware. But I'm not sure if these programs would detect keystroke
loggers
> or someother hacker programs.
> I did notice once - I had a message in my outbox in Outlook express and as
> soon
> as I connected my network cable - message got send. I tried to look at the
> sent log
> and there was no record of this message. So now I'm a little paranoid -
not
> sure
> if there is some program sending information out my system without my
> knowledge.
>
> Any pointers on verifying the integrity of the system would be much
> appreciated.
> I would rather not reinstall the entire system - because I have too many
> programs I would
> need to reinstall.

Depends upon the scanners. Integrity can *only* be verified against a
known-good setup (doesn't matter what the machine; heck, could even be a
microwave - this is a universal statement!)

If it's *just* OE, then there's a quick checklist here
(http://www.codecutters.org/outlook); if it's suspected external
connections, then netstat is your friend (please see sysinternals.com for
potentially easier-to-use variants).

HTH, and happy to be corrected..

Hairy One Kenobi

Disclaimer: the opinions expressed in this opinion do not necessarily
reflect the opinions of the highly-opinionated person expressing the opinion
in the first place. So there!

"> You did not mention a firewall, are you using one? With a good firewall
only
> applications you approve can send anything out.

Good being a loose term. Many of the so called "better" firewalls are
actually very porous on the application control. Blackice being the first to
comes that comes to mind.


M

Black Ice used to only check incoming packets. It may have changed but that
meant anything that got on the computer could send out packets and Black Ice
would not tell you..

--

************************************************

g-w


"MickityMizack" <> wrote in message
news:uikRb.155133$I06.1589563@attbi_s01...
>
> "> You did not mention a firewall, are you using one? With a good firewall
> only
> > applications you approve can send anything out.
>
> Good being a loose term. Many of the so called "better" firewalls are
> actually very porous on the application control. Blackice being the first
to
> comes that comes to mind.
>
>
> M
>
>

"MickityMizack" <> wrote in
news:uikRb.155133$I06.1589563@attbi_s01:

> "> You did not mention a firewall, are you using one? With a good
> firewall only
>> applications you approve can send anything out.

Even so, OE would have been a trusted app, so the firewall wouldn't have
blocked it.

Hmm good point - I have Siemens Speedstream device. I just have the standard
settings.
But I assumed any application can send data out using the 8080 port - since
I am able
to access the net.

Thanks
JS
"kulm_nd" <g-> wrote in message
news:tvgRb.34117$P% gy.com...
> You did not mention a firewall, are you using one? With a good firewall
only
> applications you approve can send anything out.
>
> --
>
> ************************************************
>
> g-w
>
>
> "Joseph" <> wrote in message
> news:d0fRb.4085$.. .
> > Hello,
> >
> > I recall seeing a thread on how to secure a computer. I have Win2000 pc
> > and looking to make sure it's secure. I have Norton Anti Virus, Spybot
and
> > Ad-Aware. But I'm not sure if these programs would detect keystroke
> loggers
> > or someother hacker programs.
> > I did notice once - I had a message in my outbox in Outlook express and
as
> > soon
> > as I connected my network cable - message got send. I tried to look at
the
> > sent log
> > and there was no record of this message. So now I'm a little paranoid -
> not
> > sure
> > if there is some program sending information out my system without my
> > knowledge.
> >
> > Any pointers on verifying the integrity of the system would be much
> > appreciated.
> > I would rather not reinstall the entire system - because I have too many
> > programs I would
> > need to reinstall.
> >
> > Thanks
> > JS
> >
> >
>
>

HOK

Thanks for the sites. Any utilities that might identify keystroke loggers? I
am thinking these are the
only apps that would be able to steal password in SSL connection.

JS

"Hairy One Kenobi" <abuse@[127.0.0.1]> wrote in message
news:HHhRb.11455$...
> "Joseph" <> wrote in message
> news:d0fRb.4085$.. .
> > Hello,
> >
> > I recall seeing a thread on how to secure a computer. I have Win2000 pc
> > and looking to make sure it's secure. I have Norton Anti Virus, Spybot
and
> > Ad-Aware. But I'm not sure if these programs would detect keystroke
> loggers
> > or someother hacker programs.
> > I did notice once - I had a message in my outbox in Outlook express and
as
> > soon
> > as I connected my network cable - message got send. I tried to look at
the
> > sent log
> > and there was no record of this message. So now I'm a little paranoid -
> not
> > sure
> > if there is some program sending information out my system without my
> > knowledge.
> >
> > Any pointers on verifying the integrity of the system would be much
> > appreciated.
> > I would rather not reinstall the entire system - because I have too many
> > programs I would
> > need to reinstall.
>
> Depends upon the scanners. Integrity can *only* be verified against a
> known-good setup (doesn't matter what the machine; heck, could even be a
> microwave - this is a universal statement!)
>
> If it's *just* OE, then there's a quick checklist here
> (http://www.codecutters.org/outlook); if it's suspected external
> connections, then netstat is your friend (please see sysinternals.com for
> potentially easier-to-use variants).
>
> HTH, and happy to be corrected..
>
> Hairy One Kenobi
>
> Disclaimer: the opinions expressed in this opinion do not necessarily
> reflect the opinions of the highly-opinionated person expressing the
opinion
> in the first place. So there!
>
>

kulm_nd wrote:
> You did not mention a firewall, are you using one? With a good firewall only
> applications you approve can send anything out.
>

Which does nothing to ensure integirty of the system. Just because you
approved the application doesn;t mean that the system is secure.... the
applcation itself could be compromised.

The integirty of a system relies on more than simplky installng cirus
checkers, firewalls and access controls.....

On Tue, 27 Jan 2004 10:55:45 -0500, "Joseph" <>
wrote:

>HOK
>
>Thanks for the sites. Any utilities that might identify keystroke loggers? I
>am thinking these are the
>only apps that would be able to steal password in SSL connection.
>
>JS

Joseph,

Keystroke Loggers are a type of spyware. For spyware detection and
removal, there is none better than HijackThis, Spybot S&D, and expert
advice at SWI Forums (all free). Complete instructions are available
at:
http://forums.spywareinfo.com/index.php?showtopic=5187

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.