Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
450
Views
0
Helpful
3
Replies

CSA: Spyware & Adware detection

irelandsky
Level 1
Level 1

‎05-08-2005 09:59 PM - edited ‎03-09-2019 11:11 AM

Hi all,

i read on CSA 4.5 white paper that security agents are able to intercept and block spyware/adware attack.

I try to find on pre-configured rules into my csamc 4.5 these kind of interceprion rule but i found nothing.

So, what kind of policy help me to prevent spyware/adaware attack on my security agent??

Thanks in advance

Matt

Labels:
0 Helpful
3 Replies 3

travis-dennis_2
Level 7
Level 7

‎05-09-2005 05:44 AM

The default policy contains a rule that catches keystroke logging. This is the biggest threat spyware has in my opinion. The deafult rule will also catch remote control attempts and as far as adware goes that depends on what the adware is trying to do. If it is considered an exploit then CSA will most likely stop it. Some adware flies under the radar so to speak and might require some tuning on the part of CSA to catch.

For the cookies issues I like Ad Aware. They make a free product for personal use. Download it from here http://www.lavasoftusa.com/support/download and take it for a spin. It can stop cookies cold. The pay version works even better.

Hope this helps.

Please remember to rate all replies.

0 Helpful

davinder
Level 1
Level 1
In response to travis-dennis_2

‎05-09-2005 06:46 AM

Travis,

You said "Some adware flies under the radar so to speak and might require some tuning on the part of CSA to catch"

Could you elaborate this?

Thanks

0 Helpful

tsteger1
Level 8
Level 8
In response to travis-dennis_2

‎05-09-2005 12:43 PM

I like AdAware too but they don't have a corporate eval version. We are currently evaluating MS AntiSpyware which is a pretty good product for cleanups.

You may want to look to your AV vendor for Antispyware protection so that they are the ones monitoring new threats and updating signatures.

I tried using CSA to manage the 'under the radar' stuff but keeping track of threats was too much work.

I lump this threat in with viruses and other malware and would rather pay someone else to keep track of it. Like Travis said, CSA will catch most malicious spyware with the default policies but I chose to let someone else manage the "legal" spyware/adware, that is, the stuff the users installed when they downloaded that "free" software.

Tom

0 Helpful
Customers Also Viewed These Support Documents