ESET Nod32 Antivirus | Antispyware | Console d administration
Chercher :
Newsletter :  
Revues :
- Presse
- Presse FR
- Vidéos
- Twitter
- Secuobs



Abonnez vous � Nessus Professional Feed !

Sponsors :

Sommaires :
- Tendances
- Failles
- Virus
- Concours
- Reportages
- Acteurs
- Outils
- Breves
- Infrastructures
- Livres
- Tutoriels
- Interviews
- Podcasts
- Communiques
- Commentaires

Revue Presse:
- Tous
- Francophone
- Par mot clé
- Par site
- Le tagwall


Top bi-hebdo:
- Ensemble
- Articles
- Revue
- Videos
- Twitter
- Auteurs

Articles :
- Par mot clé
- Par auteur
- Par organisme
- Le tagwall


Videos :
- Toutes
- Par mot clé
- Par site
- Le tagwall


Twitter :
- Tous
- Par mot clé
- Par compte
- Le tagwall


Commentaires :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques

Secumail :
- Secunia
- Full Disclosure
- Bugtraq
- DailyDave
- Vulnwatch
- Vulndiscuss
- FunSec
- Focus-IDS
- WebAppSec
- Security-Basis

RSS/XML :
- Articles
- Brèves
- Commentaires
- Revue
- Revue FR
- Videos
- Twitter
- Secunia
- Full Disclosure
- Bugtraq
- DailyDave
- Vulnwatch
- Vulndiscuss
- FunSec
- Focus-IDS
- WebAppSec
- Security-Basis

RSS SecuObs :
- sécurité
- exploit
- windows
- microsoft
- réseau
- attaque

RSS Revue :
- security
- microsoft
- windows
- hacker
- attack
- network

RSS Videos :
- vmware
- security
- virus
- biometric
- windows
- lockpicking

RSS Twitter :
- security
- linux
- botnet
- attack
- metasploit
- cisco

RSS Comments :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques

RSS OPML :
- Français
- International

Abonnez vous � Nessus Professional Feed !


Revue de presse francophone :
- Vigilance - Noyau Linux déni de service via NFS
- Triton de Websense la sécurité unifiée
- L'Internet des objets doit encore apprendre à interpréter
- Alvin et les Chipmunks contre les Majors
- Frédéric Renard, Arkeia Software la virtualisation, un enjeu à ne pas louper
- CERTA-2010-ACT-011 Bulletin d'actualité numéro 011 de l'année 2010 19 mars 2010
- CERTA-2010-AVI-128 Multiples vulnérabilités dans CA ARCserve Backup 19 mars 2010
- CERTA-2010-AVI-129 Vulnérabilité dans IBM DB2 Content Manager 19 mars 2010
- Jouer à prédire, c'est déjà collaborer
- Dans les sondages, indiquer sa progression ne motive pas forcément
- Nouveau firmware pour la gamme UTM de ZyXEL
- SXSW décryptage de notre futur digital
- Gilles Polart-Donat, Alixen la valeur du libre n'est pas que dans sa gratuité
- Quand les étiquettes RFID s'impriment par rouleaux
- LANDesk enrichit son programme partenaire Expert Solution Providers'

Dernier articles de SecuObs :
- VASTO une extension Metasploit dédiée à l'exploitation des infrastructures virtuelles
- Hogger automatise la création des tables d'attributs Snort à partir des scans Nmap
- Edenwall obtient une subvention de la DGA
- Imposter 0.9 une plateforme de phishing ciblant les navigateurs Web
- Une faille dans l’implémentation RSA de OpenSSL
- Flint un scanner pour simuler, vérifier et nettoyer les règles de filtrage
- SET 0.4.1 - Social Engineering Toolkit - une plateforme de Social Engineering
- 100 000 dollars pour le Pwn2own 2010
- Un botnet qui rapporte gros
- Webraider offre un reverse shell contre une simple injection SQL

Revue de presse internationale :
- Web crime to surge around SWC
- joomla component Gift Exchange com_giftexchange pkg Remote Sql Injection
- Links for 2010-03-19 del.icio.us
- Bifrost virus bulit.exe
- svchoste.com
- daemon.exe, Out.exe
- scvopen.exe
- Mozilla confirms critical Firefox bug
- Spider email joker's website suspended
- Pa. school spy case sparks fight over money
- buftu.exe, chetu.exe, cmetu.exe, ijetu.exe, ngetu.exe, nletu.exe, rvftu.exe, snetu.exe
- Bifrost virus anaweka-exe
- Paper Keys and Me Wearing the Dunce Hat
- IE 0 Day Iepeers Pointer Exploit Demo Video Tutorial
- Working on a new tool

Annuaire des videos
- IBM Virtual Server Security for VMware
- Avast AntiVirus 4 8 Professional with Life Time Keygen
- Comodo 4 Internet Security Review and Tests Part 1
- Root Kit Hacker Defender aufsp ren
- Remove a Virus Worm Spyware Adware Rootkit or Potentially Unwanted
- Xmas Special Crypto Encryption Protect Your Sensitive Data
- User Rights Management For Databases
- Hacking Websites You think you are secure
- Security12 Introduction Ep 01
- CAPeD Calm Audio controlled Personalized Display
- Business Logic Automatons Friend or Foe Amichai Shulman
- Shmoocon 2010 Cyborg Information Security Defense Against the Dark Arts 2 5
- Shmooncon 2010 Detection of rogue access points using clock skews does it really
- RSA Conference USA 2010 Defeating the Enemy The Road to Confidence 2
- Shmoocon 2010 Infrastructural Weaknesses in Distributed Wireless Communication Services 2 6

Revue Twitter
- RT: @danphilpott @Shpantzer @grecs NIST SP 800-378 Twitter Hashtag Enumerations and Typology: An SDLC Integrated Framework? --#funny
- Hey @ComcastBonnie! Those shiny (beta) Comcast DNSSEC servers you pointed me at are apparently blocking access to fcc.gov - conspiracy? :)
- RT @Tony_BradleyPCW: 12 Smart Ways to Save Time and Effort with Enterprise VoIP Software. http://bit.ly/dl4ETn
- RT @CloudInfoSec: Reliably auditing your cloud provider security from the bare silicon on up - http://bit.ly/bN4a7e #cloudcomputing #infosec
- RT @packet_storm: Quality Point 1.0 NewsFeed Cross Site Scripting / SQL Injection http://packetstormsecurity.org/filedesc/qualitypoint- ...
- RT @packet_storm: phpscripte24 Preisschlacht Liveshop System SQL Injection http://packetstormsecurity.org/filedesc/phpscripte24liveshop ...
- RT @packet_storm: MediaCoder Local Buffer Overflow http://packetstormsecurity.org/filedesc/mediacoder-overflow.c.html
- RT @packet_storm: VariCAD 2010-2.05 EN (DWB File) Stack Buffer Overflow http://packetstormsecurity.org/filedesc/varicad_dwb.rb.txt.html
- #CON Are you registered for What's Next in DNSSEC: Securing the DNS? http://bit.ly/d1o1XW #GovSec (via @GovSecUSLaw)
- #MEETUP Reminder next OWASP DC is going 2 b taking place 3/24 at 6:30PM at GWU! details http://bit.ly/cdzXhe (via @owaspdc)

Mini-Tagwall
Revue de presse : security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone

+ de mots clés pour la revue de presse
Annuaires des videos : vmware, security, virus, biometric, windows, lockpicking, password, botnet, metasploit, tutorial, attack, crypt, linux

+ de mots clés pour les videos
Revue Twitter : security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall

+ de mots clés pour la revue Twitter



Top bi-hebdo des articles de SecuObs
- Apprendre à parler Skype pour mieux le faire taire !
- Une faille dans l’implémentation RSA de OpenSSL
- Imposter 0.9 une plateforme de phishing ciblant les navigateurs Web
- VASTO une extension Metasploit dédiée à l'exploitation des infrastructures virtuelles
- Keimpx un outil d'audit pour les réseaux Microsoft Windows
- SET 0.4.1 - Social Engineering Toolkit - une plateforme de Social Engineering
- [Metasploit 2.x – Partie 1] Introduction et présentation
- Edenwall obtient une subvention de la DGA
- Comment changer un mot de passe perdu pour un compte WINDOWS
- Webraider offre un reverse shell contre une simple injection SQL

Top bi-hebdo de la revue de presse
- Sun Ray interception de données des DTU
- How to Jailbreak iPhone 3.1.3 IPSW with PwnageTool 3.1.5
- Dev Team Confirms iPhone 3.1.3 IPSW Jailbreak
- Rozlyn Papa sex tape rumours lead to malware
- FREE Kaspersky Internet Security 2010 Activation Code Valid for 6 Months
- installer backtrack 4 [tuto]
- Nouveau dictionnaire WPA Livebox
- IIS 6 may stop responding after you install Microsoft update KB 973917
- La Face cachée de Facebook
- Téléchargements Ados de mal en pis

Top bi-hebdo de l'annuaire des videos
- Comment creer un server botnet!!!!(Réseau de pc zombies)
- vSphere 4 0 update 1 VMware Update Manager and EMC PowerPath VE
- Ettercap Tutorial Man In The Middle Arp Attack
- Shmoocon 2010 Firetalks SHODAN for Penetration Testers 1 2
- install MacOSX Snow Leopard in Windows PC using Vmware Workstation as virtual machine
- Blaze botnet in action www opensc ws
- Windows XP Pro SP3 in VMWare off iSCSI Target using gPXE over 802.11n
- Running Wireshark on Mac OS X 10 6 Snow Leopard
- Avast Internet Security 5 0 396 Final Free Full Download Licensed with Serial Key
- Ch0ry Euro iPhone 3G 3GS 30 Hack WIFI key

Top bi-hebdo de la revue Twitter
- How to secure a Cisco router http://ping.fm/FkG7O
- RT @manicode: Very interesting Java ESAPI-like library coming out of Apache : http://bit.ly/9poefg
- Wirshark + SSH = Wireshark Remote Capturing - http://www.howtoforge.com/wireshark-remote-capturing (via @welias)
- Nessus Scan through a Meterpreter Session (demo) http://vimeo.com/10203481 #PaulDotCom #nessus #meterpreter
- Nux Keylogger 0.0.1 http://packetstormsecurity.org/filedesc/nuxkeylogger0.0.1.c.html
- Collection of security checks for Linux http://bit.ly/a7IH7m
- RT @FrikiFeeds: The newbie's guide to hacking the Linux kernel | TuxRadar Linux http://dlvr.it/6sQp
- Exploit for Apache mod_isapi = 2.2.14 Dangling Pointer (CVE2010-0425) vulnerability ported to Metasploit http://bit.ly/ctDQjk
- Discoverer: Automatic Protocol Reverse Engineering from Network Traces #pdf http://ow.ly/1gHd1
- New Weblog Post -- Finding Malware on your network via cached DNS entries http://bit.ly/ajpcmU

Top des articles les plus commentés
- [Metasploit 2.x – Partie 1] Introduction et présentation
- Microsoft !Exploitable un nouvel outil gratuit pour aider les développeurs à évaluer automatiquement les risques
- Webshag, un outil d'audit de serveur web
- Les navigateurs internet, des mini-systèmes d’exploitation hors de contrôle ?
- CAINE un Live[CD|USB] pour faciliter la recherche légale de preuves numériques de compromission
- [Renforcement des fonctions de sécurité du noyau Linux – Partie 1] Présentation
- Microsoft Gazelle, mini-OS virtuel basé sur MashupOS pour une navigation Web sécurisée par isolation
- Yellowsn0w un utilitaire de déblocage SIM pour le firmware 2.2 des Iphone 3G
- Nessus 4.0 placé sous le signe de la performance, de l'unification et de la personnalisation
- GreenSQL un proxy MySQL pour filtrer les requêtes SQL et contrer les injections

Microsoft Security Essentials: First Impressions
Les derniers commentaires publiés sur SecuObs (1-5):
- ESRT @ChrisJohnRiley @carnal0wnage - Exploiting hard filtered SQL Injections
- Malicious Code Evolution from IE Zero-Day Exploit Code
- Google Releases Skipfish Application Security Scanner
- ESRT @securityninja - Burp Suite Tutorial - Repeater and Comparer Tool
- ESRT @dinodaizovi - New metasploit blog post - analyzes the first public Perm
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS

Menu > Articles de la revue de presse : - l'ensemble [tous | francophone] - par mots clé [tous] - par site [tous] - le tagwall [voir] - Top bi-hebdo de la revue de presse [Voir]
S'abonner au fil RSS global de la revue de presse


Microsoft Security Essentials: First Impressions

Par Digital Soapbox Preaching Security to the Digital Masses
Le [2009-06-23] à 20:17:32


Présentation : Hey folks, in case you were living in a cave, Microsoft's Security Essentials (formerly code-named "Morro") is now live and available for download. As it went live at 11:00am Central Time I couldn't help but snag it the minute it went live... and wanted to throw out my first impressions and continue to update this post as I put the free anti-malware client through its paces in my lab. Lab Configuration: * Host: Linux Ubuntu 9.04 running Sun VirtualBox * Host OS: Windows 7 RC build * Memory: 2Gb * Disk: 20Gb * This is the only anti-malware client on this [virtual] machine After jumping through the hoops to download the BETA, and actually reading the EULA and software agreement (which is pretty standard, by the way... no giving up your first-born), I got the client installed and working just fine. I grabbed the available version (6/21/09, Ver. 1.0.1407.00) and installed it immediately. First thing I noticed is how utterly tiny this client is, at just over 4.7Mb, that's astounding! Maybe this isn't everything that my monstrous Kaspersky install is on my laptop... but this is pretty impressive if it can deliver. On disk, after installation the Microsoft Security Essentials directory is just 8.67Mb, with 38 files in 6 folders... again, not too bad. As far as system resources are concerned, the msseces.exe process runs in the context of the currently logged-in user (as is expected with Windows 7 controls) using ~0% CPU and just 3.468Kb of memory. With such a small footprint one has to immediately wonder... is this thing even effective? I'm going to find out. One thing that those of you who are used to complex anti-malware packages will notice is the distinct lack of advanced features... this is, after all, a very simple anti-malware client. Simple being the operative word here... so you can't expect much for free... or can you? There is the option of Real-Time protection which enables itself after the first auto-update and there is an auto-update features, since the goal is to reach those who would never remember to do it manually. Overall first-impressions are... "yea, it's simple". Looking at the settings one thing did strike me though... the participation in Microsoft SpyNet (which is apparently a carry-over from the Windows Defender tool) has a Basic or Advanced membership. I can't quite tell exactly what the advanced membership buys you (the user) or why it shouldn't be the default... as it appears that it would help the SpyNet folks pin-point the malware more closely. One thing I did notice is that there is this interesting clause, which I can't imagine worrying anyone... "In some instances, personal information might unintentionally be sent to Microsoft. However, Microsoft will not use this information to identify you, or to contact you." That unintentional gives away something that I think needs to be further investigated. What types of information is being sent over? How can analyzing malware unintentionally lead to disclosure (or harvesting, accidental or not) of your personal information? I'd venture a guess that as malware collects information on YOU, it may inadvertently pass that information on when it's captured, but I can't say for sure. Here's how I'm laying out my tests for the coming week or so... * Using Security Essentials I'm going to find and download some "questionable content" from the dirty underbelly of the Internet... * I plan on comparing SecEssentials performance in detection and raw stopping power against that of my Kaspersky installation protecting another VM... * I'm also planning on comparing "Morro" or Security Essentials against some of the other things out there including PrevX (if they ever get back to me)... Look for more coming soon... so far, so good. Do you have the BETA installed? Have you given it a test-run and found anything interesting? Be the first to comment here... let's hear your reactions if you're willing to share![][] [] [][]

Les mots clés de la revue de presse pour cet article : microsoft security
Les videos sur SecuObs pour les mots clés : microsoft security
Les mots clés pour les articles publiés sur SecuObs : microsoft security
Les éléments de la revue Twitter pour les mots clé : microsoft security



AddThis Social Bookmark Widget



Les derniers articles du site "Digital Soapbox Preaching Security to the Digital Masses" :

- How NOT To Do a Security Advisory
- Internet Surveillance... for your Credit/Debit Cards?
- RANT Forget SSNs
- Fun PDF Stuffing Feature... hack
- SecurityMetrics - Another Site Security Certification Seal
- RANT Call Me a Realist
- OWASP Podcast #27 - Security Skeletor
- What ever happened to...
- Microsoft Security Essentials: Road Test
- Microsoft Security Essentials: First Impressions
- Bring on the KY
- OWASP 2009 AppSecDC Thoughts
- The iPhone worm ... SRSLY
- Completely Missing the Point
- CSI Annual 2009
- Fox News Bring Your Toddler To Work Day
- Hell in a Handbasket ...
- The Jihad Job ... recruiting via email
- What privacy I use Google ...
- Infosec is Rotten



S'abonner au fil RSS global de la revue de presse
Menu > Articles de la revue de presse : - l'ensemble [tous | francophone] - par mots clé [tous] - par site [tous] - le tagwall [voir] - Top bi-hebdo de la revue de presse [Voir]

Si vous voulez bloquer ce service sur vos fils RSS :
 - avec iptables "iptables -A INPUT -s 88.191.75.173 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.191.75.173 to any 80"
- Nous contacter par mail





Les derniers commentaires publiés sur SecuObs (6-25):
- ESRT @iagox86 @hdmoore - Using Metasploit to Locate and Exploit the Energizer
- ESRT @innismir - New Weblog Post -- Finding Malware on your network via cache
- Sniffing with Wireshark as a Non-Root User
- Focus on MacNikto v1.1.1
- New Google Chrome v4.1.249.1036 released, fixes multiple security vulnerabili
- ESRT @opexxx @synopsi - Remote stack overflows
- ESRT @postmodern_mod3 @tmm1 - memprof now displays stack frames and threads
- ESRT @_MDL_ @gollmann - Locking botnet agents to specific victim systems in o
- CsFire 0.4.1 autonomously protects against dangerous or malicious cross-domai
- Seccubus v1.4.1 - Nessus 4.2 compatibility release
- ESRT @JGamblin @threatpost - Hackers say they will definitely break into an A
- ESRT @hdmoore @iagox86 - Weaponizing dnscat - first version of dnscat shellco
- iWep PRO 1.1.3 Released
- FireCAT v1.6.2 updated with Framework Detector
- ESRT @opexxx - FireCAT v1.6.2 updated with BackendInfo
- sipwitch 0.7.4
- Oracle XDB FTP service UNLOCK buffer overflow exploit that spawns a reverse s
- XSSploit XSS scanner multiplatfom v0.5 available
- Network forensics in IRB xtractr Ruby gem
- GreenPois0n Possible Jailbreak Software for iPad OS 32


SecuToolBox :

Mini-Tagwall des articles publiés sur SecuObs :

Archives Failles Secunia :
- SA38989 Fedora update for tar
- SA38988 Fedora update for cpio
- SA38921 SUSE update for OpenOffice_org
- SA38971 Multi Auktions Komplett System id_auk SQL Injection Vulnerability
- SA38945 Ubuntu update for audiofile

Archives Mailing Full Disclosure :
- Full-disclosure Claude Mercier/CLSC-CHSLD BVLV/Reg03/SSSS est absent(e).
- Re: Full-disclosure Fingerprinting Paper with Laser
- Full-disclosure Vulnerability Httpdx v1.5.3b
- Full-disclosure CA20100318-01: Security Notice for CA ARCserve Backup
- Re: Full-disclosure Fingerprinting Paper with Laser

Archives Mailing Bugtraq :
- announcing skipfish, an automated web app security scanner
- Vulnerability Httpdx v1.5.3b
- IBM Lotus 6.x HTTP Response Splitting Vulnerability
- There are lost of xss vul in PHPWind v6.0 !
- CA20100318-01: Security Notice for CA ARCserve Backup
- SECURITY DSA-2018-1 New php5 packages fix null pointer dereference

Mini-Tagwall de l'annuaire video :

Mini-Tagwall des articles de la revue de presse :

Mini-Tagwall des Tweets de la revue Twitter :