Showing posts with label Malicious Code. Show all posts
Showing posts with label Malicious Code. Show all posts

Saturday, February 10, 2007

Take Full Control of Your Computer

1st Security Center Pro by SSS Lab Inc

Version reviewed: 5.0.2.1

1st Security Center Pro is a security software that protects your PC.

Some features:

You can deny access to each individual component of several Control Panel applets, including Display, Network, Passwords, Printers, and System
Disable your boot keys, DOS programs, Registry editing and network access.
User Working Time option
Administrator password
Folder protection

DOWNLOAD PROGRAM
We all know how important is to protect our computer and the data we store. For online attacks there is a myriad of antivirus, firewall and anti spyware softwares to choose from. But you should also take care of the inside attacks which are more or less intended. Having a software that can lock some features in Windows is always good news.

You can never know what your kid, wife or brother is doing on your computer and there is always the risk that their “computer talents” are limited to playing some games, listening to music and watching a movie once in a while. In one word, unskilled computer users can damage your settings and create problems.

1st Security Center Pro allows locking your system, network and remote access settings so that you prevent the other users of the computer from changing the way your computer works. The $24.95 solution from SSS Lab Inc sports a feature uncommon among similar softwares. It allows the administrator to set up a time interval and a duration of a user's working time.

The interface can be changed due to the 37 skins the application is equipped with. Some of them are like salt in the eyes like Fallout Style, while others are just perfect for your needs (like Elegant). But after all it is just a matter of taste for choosing the right one.

The WYSIWYG looks make it easy to use and recommend it for newbies. Taking into consideration the options made available one can say that 1st Security Center Pro covers a vast area of your computer's options and settings.

The tree in the left displays the areas of your computer that can be configured. But before deciding to impose any restrictions you should apply a password for launching the software. This way you will be sure that only authorized persons will tamper with your settings. The two general areas available are Windows Common Restrictions and Users Restrictions.

The first section includes configuring System, Network and Remote Access. The tips displayed for every section provide a brief description of the options available. System settings deal with restricting access to event logs, secure network access of CD-ROM drives, disabling the password caching, or enabling remote assistance.

Configuring the Network allows enabling and disabling a series of network related options like disabling file sharing, hiding share passwords with asterisks, hiding servers from the browser list or allow fast user switching. The options for Windows common restrictions do not stop here and the user can make the necessary configuration for the Remote Access. In this concern the number of remote access authentication attempts can be set as well as the maximum duration for remote access callers to stay connected or defining the length of time before callback is initiated.

User Restrictions is the area that provides the most variate option. The subfolders include all the users that have an account created on your computer. For each of them you can impose a number of limitations regarding the use of the Control Panel and Windows shell.

Control Panel restrictions include Display (disabling the applet, hiding the background page, the settings and appearance page), Internet Options (disabling the General/Security/Content/Connections/ Programs and Advanced tabs in Internet Options) and Printers (disabling addition/deletion of printers and hiding the General and Details pages). All this options can secure you against other peple's messing around with your general settings.

Shell restrictions area is the one where you should definitely take a look as there are some options that deserve special attention and can come in very handy. The suite of limitations available in the Start Menu solder comprise removing Run command from the Start Menu or disabling “Log Off” command. To be frank none of these options available in here worked in my case. I can't explain what happened because Start Menu restrictions were the only ones that did not function properly, even with numerous restarts of the machine.

The last of the pictures shown below will stand as proof (as you can see the user is Softpedia both on my computer and in 1st Security Center, and the “Save” button activated; and yet the Run command is still available on my computer). On the other hand, the application had no problem with hiding the requested


icons (My Computer and Recycle Bin) from the desktop and bringing them back.

System settings in Shell Restrictions provides an easy way to disable the registry editing tools (this option really works), the task manager (also works) and the Autorun feature on all drives (works as well). When it comes to hiding drives, things partially work as the drives will indeed be hidden and Windows Explorer will indeed no longer display them, but working with the hidden volume in any other file manager is possible.

I am sure that you would like to decide which applications could one of your computers use and which not. Your wish comes true with 1st Security Center Pro as it sports the Allowed Applications option which lets the administrator of the program create a list with the softwares that a certain user should be able to open. During our testing the feature worked fine, but restarting the machine was necessary in order for the changes to take effect. However, there were some problems with the keyboard drivers as they were not on the list and after the display of the message announcing that using that application is restricted by the administrator, the favorite keys assigning dialog appeared.

If you are an IE user, then there is a number of restrictions for this application to be applied too. You can disable the Internet access, the downloading of the files (once the first option is enabled all the rest involving Internet browsing are futile). Be careful with disabling the “Close” item in “File menu” as in Internet Explorer 7 there is no such option (well, there is “Exit”) and you will no longer be able to exit the application by using the Exit option or the “Close” button in the topmost right corner. In this case IE 7 can be shut down by killing its process in Task Manager.

Logging user activity option is available, but unfortunately during the testing all there was recorded was the name of the user and the time and date of the login on the computer. This would have been a very good option for checking out where the others are hanging on the Internet in your absence (sounds like a keylogger, doesn't it?).

Finally, my favorite features are at the end of the restrictions list. These are Restrict User Working Time and Folder Guard. The first one is particularly interesting as you can set up an interval and duration of an user's working time.

If the user's time limit has been set up and it has been reached, the computer shuts down and that user can not log-on again until their permitted time range arrives. Also if you un-check a particular day then the user won't be able to work on this day of the week at all.

In other words, you decide when a particular user can use your computer: duration, days of the week, time interval. This option gives you total control over your computer. Be sure you eliminate any Safe Mode Accessing so that you will not find yourself in an awkward situation when you cannot log into your own account because the administrator rights have been changed.

Folder Guard feature allows you to protect your files from deletion and decide who gets full access to them. The options available under this include protecting the data by making it “read-only” for any processes or hide it (makes it inaccessible for any processes). Additionally, It works with Network folders and fully supports protection of removable media (such as floppies, CD Roms, DVD, ZIP and some SCSI and RAID drives). To make it work you should set up the option "Enable Folders protection". Next press the "Add" button , enter the path to some folder you want to protect , enter File Mask , choose the protection mode.

The Good

Extraordinary features are available. If all of them would have properly worked then 1st Security Center Pro would have given you total control on your computer and other user's accounts.

Very easy to use and the tips explain each option available in the menus and folders.

The Bad

I wish it were more expensive and every option worked. Care should be taken when handling it as some features will continue to be in effect even if they are disabled in 1st Security Center Pro.

The Truth

I knew it was too good to be true the minute I saw the features and the price. Despite the very attractive price the application is not working properly and that is too bad as the features encapsulated are amazing.

Here are some snapshots of the application in action:

























Review imageReview imageReview imageReview image
Review imageReview imageReview imageReview image
Review imageReview imageReview imageReview image
Review imageReview imageReview imageReview image

A New Approach to Mutating Malware

"CBC is reporting that researchers at the Penn State University have discovered a new method of fighting malware that better responds to mutations. From the article: 'The new system identifies a host computer with a high rate of homogeneous connection requests, and blocks the offending computer so no worm-infected packets of data can be sent from it.' This is a change from previous methods, which compared suspected viruses against known signatures. Mutations in malware took advantage of the time-delay between the initial infection and the time taken by the anti-virus system to update its known signatures. This new system claims to be able to recognize new infections nearly instantly, and to cancel the quarantine in case of false alarm."

Monday, January 22, 2007

The Anatomy of Pump N' Dump Stock Spamming

"Laura Frieder and Jonathan Zittrain have analyzed pump n' dump spam activity in their paper 'Spam Works: Evidence from Stock Touts and Corresponding Market Activity'. Unbelievably, it appears that spammers are able to achieve a 5% gain on pumped stock before dumping it, along with a dramatic increase in transaction volume of the stock. From the synopsis: ' We suggest that the effectiveness of spammed stock touting calls into question prevailing models of securities regulation that rely principally on the proper labeling of information and disclosure of conflicts of interest to protect consumers, and we propose several regulatory and industry interventions. Based on a large sample of touted stocks listed on the Pink Sheets quotation system, we find that stocks experience a significantly positive return on days prior to heavy touting via spam. Volume of trading responds positively and significantly to heavy touting.'"