Index

• General Info
• Links to Tool and Information Sites
• Current Patch Lists
• Specific Vulnerabilities

General Info

Worms and viruses are wreaking havoc on some Internet web servers, mail servers and workstations. In many cases, just having some basic security features enables and some security patches installed will give a server or workstation reasonable protection.

I created this page to show some of the tools and information sources I use to keep up with the many vulnerabilities exposed by Internet connections. It's almost a full-time job just keeping all the patches on Microsoft products

Contact Us if you need help implementing security patches, changing your configuration and setting up a security policy for your company.

Links to Tool and Information Sites

• Gibson Research Corporation - Leak Test, Shields Up, NanoScan
• Hideaway
• Packet Storm Security
• New Order
• Security Bulletin Search
• SANS - Security site with useful mailing lists
• Security Focus - Security site with tools and information
• Symantec Antivirus Research Center - Virus/worm hot list and information base.
• Trend Micro - Free Online Virus Scanner

Current Patch Lists

• Microsoft Technet Security Information

Specific Vulnerabilities

Windows Areas of Concern

These are common Windows Registry locations where viruses and trojans often install themselves. This is also a place to look for programs that start when Windows boots.

Windows Registry Keys

• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run (boot)
• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce (boot)
• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices (boot)
• HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services (NT/2000) (boot?)
• HKEY_CLASSES_ROOT\exefile\shell\open\command (When files/programs are run)
• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\WinLogon (NT/2000 at Logon)

Windows Startup Folder