Skip navigation

Security UPDATE--A Flurry of Enterprise Spyware Solutions--December 1, 2004

To receive Security UPDATE in HTML format in the near future, click the following link

You need to sign up only once--no need to click each week.

To make sure that your copy of Security UPDATE isn't mistakenly blocked by antispam software, add [email protected] to your list of allowed senders and contacts.


This email newsletter comes to you free and is supported by the following advertisers, which offer products and services in which you might be interested. Please take a moment to visit these advertisers' Web sites and show your support for Security UPDATE.

Free Patch Management White Paper from St. Bernard Software

Get thawte's New Step-by-Step SSL Guide for MSIIS


1. In Focus: A Flurry of Enterprise Spyware Solutions

2. Security News and Features

- Recent Security Vulnerabilities

- Update Rollup to Replace Windows 2000 SP5

- PortQry

3. Security Matters Blog

- BSD or Linux?

- Anti-Spam Redux

4. Instant Poll

5. Security Toolkit


- Security Forum Featured Thread

6. New and Improved

- Appliance Offers Security Modules


==== Sponsor: Free Patch Management White Paper from St. Bernard Software ====

Successful patch management is a core component of maintaining a secure computing environment. With a growing number of patches being released by Microsoft weekly, IT administrators must be vigilant in assuring that the machines on their networks are accurately patched. Although Microsoft offers tools to assist administrators with the tasks of patching, they are often time-consuming and far from comprehensive. However there are solutions on the market that can reliably and accurately automate the tasks involved in successful patch management. In this free white paper, learn more about the patch management dilemma and patch management solutions. Download this free white paper now!


==== 1. In Focus: A Flurry of Enterprise Spyware Solutions ====

by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Do you have a problem with spyware? As you know, spyware is that problematic type of software that gathers information or tracks system usage and reports that data to outside sources without the user's knowledge. Obviously, this sort of software can be a threat to your enterprise security. Spyware can be installed on systems through a variety of methods, including malicious ActiveX controls, Web-based scripts, file-download mechanisms, assorted email content, and software installation that appears legitimate.

Desktop- and gateway-based firewalls as well as content filtering systems can help detect and block spyware. For example, some desktop firewall solutions prevent unauthorized applications from communicating on the network. But they don't necessarily prevent spyware from becoming installed, nor do they stop it from collecting data.

Dozens of standalone desktop solutions identify and remove spyware. But managing standalone desktop software across an enterprise isn't exactly a simple chore, so these solutions aren't exactly ideal for businesses. If spyware is a problem on your network, you might consider using an enterprise antispyware solution--and by "enterprise," I mean a solution that offers its own centralized management system. Many people aren't aware that numerous enterprise antispyware solutions are either already available or will soon be released. At the URL below, you'll find a long list of spyware packages, both standalone and enterprise.

Below you'll find a quick rundown of the products I know about, listed in no particular order. If I've missed any products that you're aware of, please send me an email message with a brief product description (or at least a URL to a Web page) and I'll update the list.

-- Finjan Vital Security: appliance-based solution that also provides antivirus functionality, URL filtering, Instant Messaging (IM) logging, Secure Sockets Layer (SSL), watermarking, mail content filtering, and junk mail filtering.

-- PestPatrol Corporate Edition: software-based solution that also provides protection against Distributed Denial of Service (DDoS) attacks, keystroke loggers, Trojan horses, and more.

-- WebSense Enterprise: software-based solution that protects against spyware, keystroke loggers, phishing attempts, malicious mobile code, and more

-- MicroWorld Technologies' eScan Enterprise Edition: software-based solution that also provides antivirus, junk mail filtering, pop-up filtering, NetBIOS firewall, and more.

-- Webroot Spy Sweeper Enterprise: software-based solution designed specifically to guard against spyware.

-- Tenebril's SpyCatcher Enterprise: software-based solution designed specifically to guard against spyware.

-- InterMute's SpySubtract Enterprise Edition: software-based solution designed specifically to guard against spyware.

-- Xblock Systems' X-Cleaner Enterprise Edition: antispyware solution that also protects against Trojan horses, keystroke loggers, and more.

-- Omniquad AntiSpy Enterprise Edition: antispyware solution that also protects against keystroke loggers and more.

-- Norman Ad-Aware Professional Edition: antispyware solution, plus protection against data mining, aggressive advertising, selected traditional Trojan horses, dialers, malware, and tracking components.

-- DynaComm i:scan: passive scanner that removes spyware, P2P software, file surveillence and more

-- Prevx Enterprise: protects against spyware, plus protection against viruses, malicious code, malware, and more

-- Kaspersky Anti-Virus SuperSecure Database: add-on databases that protect against spyware and also provide protection against malicious code, auto-dialers, backdoors, and much more.

-- GFI DownloadSecurity for ISA Server: integrates with Kaspersky's Anti-Virus and SuperSecure database to help quarantine spyware, and also provides protection again other types of downloadable content.

Four other companies intend to release enterprise antispyware solutions in the near future:

-- McAfee Anti-Spyware Enterprise Edition Module: software-based add-on to the company's antivirus solution that also protects against Trojan horses, keystroke loggers, and more.

-- Sunbelt Software's CounterSpy Enterprise

-- Aluria Spyware Eliminator

-- GIANT AntiSpyware for Enterprises

In 2005, Windows IT Pro plans an article that will review some of these solutions. So if you're interested in a comparison of these products, be on the lookout for the article. Until next time, have a great week.


==== Sponsor: Get thawte's New Step-by-Step SSL Guide for MSIIS ====

In need of a SSL Certificate for your Microsoft Internet Information Services (MS IIS) web server? This guide will provide a solution for your need by demonstrating how to test, purchase, install and use a digital certificate on your MSIIS web server. Best practices are highlighted throughout this guide to help you ensure efficient ongoing management of your encryption keys and digital certificates. You will also discover how a particular digital certificate can benefit your business by addressing unique online security issues to build customer confidence.


==== 2. Security News and Features ====

Recent Security Vulnerabilities

If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at

Update Rollup to Replace Windows 2000 SP5

Microsoft announced that it will scrap plans for Windows 2000 Service Pack 5 (SP5) and instead issue an Update Rollup package. In a market bulletin posted on its Web site, the company said the Update Rollup will be released in mid-2005 and will appear as a critical update item in Windows Update.


Whether you need to troubleshoot a necessary network service or detect unwanted programs, you need to be able to understand and manage the traffic between computers on your network. A basic step toward doing so is determining which programs are listening on your computer systems' network ports. Jeff Fellinge describes a helpful port-scanning tool.


==== Announcements ====

(from Windows IT Pro and its partners)

New Web Seminar! Meeting the Risks of Instant Messaging Head On

In this free on-demand Web seminar, we'll expose you to the variety of risks associated with IM-like malware and the disclosure of confidential information and how addressing these risks can be mitigated. You'll learn which risks can be addressed without special IM security solutions and which can't. And you'll receive a list of top requirements to consider when evaluating an IM security solution. Register now!

Take the "5 Steps to Ensuring Regulatory Compliance"

While the cost of noncompliance can be staggering--including jail time and fines--the number of government regulations and audits continues to mount. Don't miss this free on-demand Web seminar and discover how to address these new government regulations. Discover common tactics to achieve compliance, including how to leverage AD and Group Policy. Register now!

Are You an Active Directory Expert?

The IT Prolympics competition may be over but that doesn't mean you have to stop testing your knowledge. Download the free IT Prolympics Active Directory and Group Policy study guide and get those brain cells in shape. Practice your skills by taking the exam and virtual lab tests. Get the free study guide now!

Windows Connections Conference Spring 2005

Mark your calendar for the Windows Connections spring 2005 conference, April 17-20, 2005, at the Hyatt Regency in San Francisco, California. Attend sessions jam-packed with tips and techniques you need to know to ensure success in today's enterprise deployments. Call 203-268-3204 or 800-505-1201 for more info and check our Web sites for updates.


==== 3. Security Matters Blog ====

by Mark Joseph Edwards,

Check out these recent entries in the Security Matters blog:

BSD or Linux?

Lots of people are integrating Linux into their environments. I wonder how many of you have or will integrate BSD. Many people contend that BSD is a much safer OS than Linux, and a few BSD distributions (OpenBSD, FreeBSD, NetBSD) pride themselves on security right out of the box.

Anti-Spam Redux

Some entities can't resist striking back at spammers. I recently came across an interesting story at The Register, "Lycos Screensaver to Blitz Spam Servers." If you read the story, you'll learn that Lycos Europe has released a screensaver for Windows and Mac OS X systems that will retaliate against alleged sources of spam.

==== 4. Instant Poll ====

Results of Previous Poll:

Does your company use blacklists to help filter unwanted email?

The voting has closed in this Windows IT Pro Security Hot Topic nonscientific Instant Poll. Here are the results from the 105 votes.

- 26% Yes, we use blacklists to weight a message as potential junk

- 38% Yes, we drop all mail from addresses that appear in blacklists

- 4% No, but we might start

- 32% No

New Instant Poll:

Do you use an enterprise antispyware solution?

- Yes, a standalone solution

- Yes, as part of our Web content filtering solution

- Yes, as part of our antivirus solution

- No, but we plan to soon

- No

Go to the Security Hot Topic and submit your vote

==== 5. Security Toolkit ====


by John Savill,

Q: How can I quickly obtain a list of the domain controllers (DCs) in my Active Directory (AD) domain?

Find the answer at

Security Forum Featured Thread

A forum participant writes that he has a server farm with Citrix MetaFrame Presentation Server 3.0 systems and a customer that doesn't want to give these servers access to his LAN because he has database servers that could be tampered with. The forum participant wonders whether he can install ISA Server 2004 between his Citrix systems and his firewall and use it to control access on the user or group level to prevent the customer's database servers from being exposed. Join the discussion at


==== Events Central ====

(A complete Web and live events directory brought to you by Windows IT Pro at )

From Chaos to Control: Using Service Management to Reclaim Your Life

Take control of your workday! If you are supporting 24 x 7 operations by working around the clock instead of 9 to 5, learn how you can benefit from a sound service-management strategy. In this free on-demand Web seminar, you'll learn practical steps for implementing service management for your key Windows systems and applications. Register now!


==== 6. New and Improved ====

by Renee Munshi, [email protected]

Appliance Offers Security Modules

Barbedwire Technologies offers the DP Inspector (pronounced "Deep Inspector") series of security appliances for midsized and enterprise-class networks. DP Inspector provides a modular approach to the implementation of security mechanisms. DP Inspector includes a firewall, VPN, packet filtering, antivirus, and antispam technologies and can be upgraded with URL filters, an Intrusion Detection System (IDS), vulnerability scanner, Wi-Fi security, and a Security Event Management System (SEMS). For more information, go to

Tell Us About a Hot Product and Get a T-Shirt!

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a T-shirt if we write about the product in a future Windows IT Pro What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected].

Editor's note: Share Your Security Discoveries and Get $100

Share your security-related discoveries, comments, or problems and solutions in the Security Administrator print newsletter's Reader to Reader column. Email your contributions (500 words or less) to [email protected]. If we print your submission, you'll get $100. We edit submissions for style, grammar, and length.


==== Contact Us ====

About the newsletter -- [email protected]

About technical questions --

About product news -- [email protected]

About your subscription -- [email protected]

About sponsoring Security UPDATE -- [email protected]


This email newsletter is brought to you by Security Administrator, the leading publication for IT professionals securing the Windows enterprise from external intruders and controlling access for internal users. Subscribe today.

View the Windows IT Pro privacy policy at

Windows IT Pro, a division of Penton Media, Inc.

221 East 29th Street, Loveland, CO 80538

Attention: Customer Service Department

Copyright 2004, Penton Media, Inc. All rights reserved.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.