Hey everyone – This is my first post to a bugtraq list, so please be gentle! :)
Anyhow -- I'm currently working for a University Residential helpdesk and generally have to deal with a lot of supposed compromises and viruses. Are there any good tools for troubleshooting that anyone relies on? I'm talking freeware / open source utilities - I'm not in charge of the software distribution, and it wouldn't be feasible for me to put in requests. We deal mainly with Windows 98/ME/2000 and XP systems, so it limits a lot of utilities I've seen out there.

So far what I've been using to check a lot of systems are mainly just sifting through the configuration files. Are there any other useful programs out there that can make some checks quicker/more certain? I've been using a program called APorts to see what executable is talking on what port. Also, we have a site license for Norton Antivirus Corp Edition, so it makes detecting a lot of programs pretty easy. However -- I'd like to be able to check out what happened to systems before installing Norton, or in the case of a backdoor, be able to track it down fairly well on the system.

So what would YOU use in your toolkit? :-)

Thanks!

Cheers,
Sean
