Saturday, March 22, 2008

Software Sliders

Sliders (a.k.a White Castle mini-burgers) in that these are short but tasty links.


Spybot S&D now shipping with Anti-Rootkit Technology

This one almost slipped by. Spybot Search&Destroy now incorporates plugins to search for rootkits.

How nice is that?

To get this added feature, just download the Spybot S&D updates in version 1.5.2 of their flagship product. They should present themselves automagically. Still under "development" so expect frequent updates as it matures.

It is also available as a "standalone" module, if you want: RootAlyzer (freeware).

I can't say how effective the technology it uses are. There are so many nice anti-rootkit applications out there now, it probably doesn't hurt to have one more bundled in Spybot. Grab a few and keep them handy on a USB stick, just in case.

Comodo Launches "Test My PC Security" Website: Helpfulness up to debate

Not content to claim superiority against all known firewall leak-tests, Comodo has now opened up shop with a new security-testing website: Test My PC Security. (PR press release here.)

So what does the average Joe find while visiting the website?

Well, a couple of brief "articles" outlining what firewall leak-tests are, and some test results that clearly show that Comodo's Firewall Pro is the best (and free). No surprise there.

What does the security minded geek find while visiting the website? Currently links to download 32 leaktests to experiment with on their own systems and firewalls. They can be downloaded individually or as a singe "zip" package.

This is strangely reminiscent to me of two earlier websites that pioneered these tests and comparisons: The Firewall Leak Tester website and Matousec, both of which carry 26 firewall leak-tests.

I actually like and use Comodo Firewall Version 3.0 on my Vista system. It is free and has a lot of robust features. It isn't too chatty and does ship with a "whitelist" of preapproved safe programs to help cut the prompts down. I did disable the Defense+ feature after running into some issues. Instead for HIPS protection, I am running ThreatFire (free) instead to supplement my AV protection.

Windows SteadyState

Just discovered this curious Microsoft product. Which means it must have been around for quite a while.

Windows SteadyState - What this free program for XP does is to return a "shared pc" back to an original state after use. Kind of like a software-state "reset" button.

Basically you configure your system to your liking, run and apply the SteadyState configuration, and let the users use the pc. If the user(s) modify (accidentally, purposefully, or maliciously) the system, you can quickly restore it to the original state...without having to reload the system from an image.

From the "What is it?" page:

How Windows Disk Protection works

When disk protection is turned on, it creates a cache file to retain all the modifications to the operating system or program directories. Histories, saved files, and logs are all stored in the cache file which is created on the system partition. At intervals you designate, Windows SteadyState deletes the contents of the cache and restores the system to the state in which disk protection was first turned on.

Set it and forget it

Choose the disk protection level that fits how your computer is used and whether or not your users need to save data for a specific length of time.

For example, if your shared computers are used by different people every day, you can set SteadyState to remove all changes at every restart. This is a good choice in a library or an Internet café.

You can also choose to retain changes for a specified period of time. This is a good option if you have the same users every day for a limited duration, such as a school term or an ongoing computer lab project.

However you choose to use Windows Disk Protection, you can rest easy knowing that a clean return to its original state is available.

I can see a couple of applications that this might come in handy with in our computing environment. Definitely worth looking into.

Nirsoft Nuggets

Ever wonderful, Nir Sofer has delivered two products worth looking into; one new and one updated.

SiteShoter - (freeware) - This tiny utility can be used to take a screenshot of any Web page and save it as a file. When executed, it launches a hidden window of Internet Explorer, loads the target page, and captures the page contents as an image file (.png, .jpg, .tiff, .bmp or .gif) depending on your preference. Will not capture Java applets or some other third-party web-content. What is cool is that Nir has coded it to run from a command-line. So you could make a batch-file to run it to capture one or a series of pages with a single click. Or set it to run automatically with a bit of scheduling to monitor and document regular and periodic changes to a Web page for archival reasons (say your kid's MySpace page).

MyUninstaller - (freeware) - Sure, you could use the standard Windows "Add/Remove" programs in XP/2000 or whatever it is called in Vista. But these tend to be a bit, "slow" for us IT geeks who often need to quickly scan for and remove unauthorized programs from client pc's. I even get impatient at home. MyUninstaller is a standalone utility that very quickly displays all installed applications on a Windows system, and provides a method to uninstall the ones you want. Version 1.39 fixes some uninstall string problems with Windows Installer.

For more freeware programs to uninstall applications quickly from Windows systems, check out this GSD post: Freeware Software Uninstallers.

E-mail Goodness #1: eM Client

I'm a fan of Mozilla's Thunderbird email client. When we ditched MSN dial-up as our Internet provider, I was finally able to escape from Outlook Express.

I don't run any Add-on extensions to Thunderbird except the Lightning project, which is a calendar application which integrates with Thunderbird.

I use Outlook 2003 at work and actually do enjoy it. We got Outlook 2003 along with our Office 2003 Student/Teacher package I bought, but I didn't install it. Too much hassle to convert now and Thunderbird does have some anti-spam and embedded image handling features I like for security reasons.

However, I did take notice of a recent DownloadSquad post introducing the eM Client program for e-mail.

Like many such programs (and there are many), it provides Windows based e-mail for sending/receiving messages, managing calendar items, contacts, and tasks.

I spent some time on the site and eM Client does look very polished and professional. The interface is a nice blend falling (to me) somewhere between Thunderbird and Outlook.

Final release appears to be scheduled for late 2008, although beta downloads are available.

When complete it promises to integrate ActiveSync for mobile-phone synchronization, groupWare support, GoogleSync support (for calendars and contacts) and Web 2.0 widget support for apps like Meebo, Facebook, and MySpace. For more details see the eM Client Feature List.

.NET Framework 2.0 or higher required.

Oh yeah, did I mention that you can download it in both "desktop" and "USB (U3) portable" versions? Not bad, although you can already get a Portable Apps Thunderbird version already if that's your thing.

It took me less than three minutes to download the U3 version, change the extension to .zip. Unzip the main program folder to my desktop, run it, configure an old gMail account of mine, and download a number of old messages from the gMail account.

The GUI is very polished and professional looking. I think it actually is a bit more polished looking than Thunderbird 2.0 is by default. I'm not changing anytime soon, but I am impressed with the offerings of eM Client. I will definitely be keeping an eye out on this one!

It is still under development and I've spotted a bug or two, but it seems like a great future candidate.

E-mail Goodness #2: Outlook on the Desktop

If you do use Outlook, maybe you would like to keep the calendar view up where it could be useful, but don't want to have to toggle between it and your email Inbox.

Michael Scrivo has a neat free product; Outlook on the Desktop.

Basically what it does it place a fully customizable Outlook calendar on your desktop. It is pinned so that stuff can't underlay it. You can adjust the position, size, and transparency level. It supports multi-monitor displays (hurrah!) and you can even toggle it between the calendar, inbox, tasks, and notes view.

Brilliant! Requires Windows 2000 or higher, Outlook 2000 SR-1 or higher, and .NET Framework 2.0 or higher.

Know thy Application Rights Needed

Last week I mentioned a few tools that can be used to analyze the software applications installed on a Windows system to determine if a program can be run with "least-privilege" user accounts for security purposes: LUA Buglight and the Microsoft Standard User Analyzer (MSUA) tool now incorporated in the Microsoft Application Compatibility Toolkit v5.0.

Now Julie over in the Back Room Tech blog shares one more: BeyondTrust | Application Rights Auditor.

This freeware tool automagically scans your target system and reports back the Windows applications it finds that require users to have administrative-level rights permissions to run.

Systems supported are Windows 2000 through Vista.

The utility uses a Microsoft management Console (MMC) snap-in as well as desktop component. Install the desktop component on the target systems. After audit run, the information is logged and send as an encrypted log-file to a secure BeyondTrust server farm. You then use the MMC snap-in with your unique key to view the report information.

Certainly not a tool needed by everyone, buy could be useful in IT departments assessing the rights requirements of applications when considering a user-rights policy for desktop and laptop system deployments.


No comments: