Even if the poster was not genuine he was asking for a list of executable names rather than a place to find hacking tools. I for one would find a hacker tools information site like www.simovits.com's trojan information site quite useful. Not a site to aquire the tools but a site where the tools have been detailed. The question was valid and useful regardless if the poster was genuine.
Checking for executable names is not perfect but doing checksums could have its faults as well depending on what type and size of environment the individual is dealing with and how much time/money they could devote to the task. I agree that a checksum in a smaller environment with a strict workstation build is would be a much better option. By the way I believe it should be looked at as which option provides the best ROI (return on investment). Not all organizations have a security above all else policy. In a large organization which very well may have a wide range and diverse builds of workstations running checks for known malicious executables may provide the best option for them. Just because an option is not perfect does mean that it has no merit and is not useful option. If anyone could show me perfect security I would like to see it. I would not excuse poor security but a method less than perfect does not neccesarily mean it should be ignored. >>>>>>>>> >>>>>>Hi, Just wanted to add my $0.02. If the original poster was genuine then the methodology is IMHO flawed. It is a difficult problem to check for 'hacking tools', the name is only a rename away. It is by far safer to checksum known clean files (80% or more executable will be on an install CD) and then flag those file that are unknown and investigate them. pob PS See my sig. my opinions may be skewed by virtue of my employer. Opinions stated are not necessarily those of my employer. -- Paul Baccas, Virus Researcher, Sophos Anti-Virus Email: [EMAIL PROTECTED], Tel: 01235 559933, Web: www.sophos.com US Support: +1 888 SOPHOS 9 UK Support: +44 1235 559933 >>>>>>>>>>> _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com
