Aurora malware Inoculation Shot
Feb 15, 2010 Security News, Security Tools
Security company HBGary has released a “free utility that will scan for and, optionally, remove the Aurora malware from a Windows Domain.”
Enterprises can easily scan for infections and remove them. The Aurora inoculation shot is digitally signed by HBGary, Inc., and utilizes existing Windows management API’s to identify infected machines. No files are copies over the network, the scan and optional removal is completely remote. WMI must be enabled in your Enterprise for inoculation shot to work. Command line instructions are as follows:
To scan a single machine: InoculateAurora.exe -scan 192.168.0.1 InoculateAurora.exe -scan MYBOXNAME To scan multiple machines: InoculateAurora.exe -range 192.168.0.1 192.168.0.254 To automatically attempt a clean operation: InoculateAurora.exe -range 192.168.0.1 192.168.0.254 -clean To scan a list of machines in a .txt file: InoculateAurora.exe -list targets.txt
What are you waiting for? Go get it here.
F-SECURE Releases New Rescue CD
Oct 12, 2009 Security News, Security Tools
F-Secure has updated their fine Linux-based Rescue CDs:
What is Rescue CD?
Rescue CD is a free tool you can use to fix a computer that no longer starts because the operating system has been corrupted by malware. For more advanced users, Rescue CD enables other kinds of repair and data recovery operations as well. When should I use it? There are two main situations when you should use the Rescue CD:
The computer no longer starts, as the operating system has been corrupted by malware. In this case you can use the Rescue CD to scan the computer and quarantine the malware. This may allow the operating system to start properly again.
If you suspect that your security software has been compromised by malware. You can use the Rescue CD to check this, as it is independent of the operating system
They have added some additional tools for system recovery and forensics:
* PhotoRec is a tool that can be used to recover data that has been accidentally deleted or lost due to a corrupted file system on a disk.
* TestDisk is another data recovery tool that can be used to recover a lost partition, for example.
* smartmontools contain utilities that can be used to inspect S.M.A.R.T. values of hard disks. By analyzing these numbers you may get a hint if your hard disk is starting to show signs of breaking down.
You can download the CD image here.
