Secure computing on a limited budget

Josh McCune, Network Security Analyst, Kansas State University

email: [email protected]

voice: (785) 532-2598


TrendMicro OfficeScan

 http://antivirus.k-state.edu

Works on: Windows, Mac OS X

Virus protection

Firewall

Intrusion Detection

Heuristic Scanning

“Cloud Scanning”

TrendMicro OfficeScan Licensing

K-State centrally funds a site license for faculty, staff, and students

Can be installed on any computer used by licensed individuals (even at home)

K-State Antivirus Policy (PPM 3430)

The following computers must use the university-supplied antivirus software configured in a managed mode ("managed mode" allows a server to monitor and configure the antivirus protection on the client computer and push updates to the client on demand):

  

Any university-owned computer

Student-owned computers in K-State residence halls

Users of K-State's Virtual Private Network (VPN) or dial-up modem service

Users of K-State's wireless or wired network if it is a university-owned computer or one that belongs to a current K-State faculty, staff, or student.

CCleaner

         http://www.piriform.com/ccleaner

Internet Explorer

Temporary files, history, cookies, Autocomplete form history, index.dat.

Firefox

Temporary files, history, cookies, download history, form history.

Google Chrome

Temporary files, history, cookies, download history, form history.

Opera

Temporary files, history, cookies.

Safari

Temporary files, history, cookies, form history.

Windows

Recycle Bin, Recent Documents, Temporary files and Log files.

Registry Cleaner

Advanced features to remove unused and old entries, including File Extensions, ActiveX Controls, ClassIDs, ProgIDs, Uninstallers, Shared DLLs, Fonts, Help Files, Application Paths, Icons, Invalid Shortcuts and more... also comes with a comprehensive backup feature.

Third-party applications

Removes temp files and recent file lists (MRUs) from many apps including Media Player, eMule, Google Toolbar, Netscape, Microsoft Office, Nero, Adobe Acrobat, WinRAR, WinAce, WinZip and many more...

CCleaner Licensing

Piriform grants you a limited non-exclusive licence to use this software for any purpose, including commercial applications and redistribute it freely, subject to the following restrictions:

        The origin of this software must not be misrepresented; you must not claim that you wrote the original software.

You must not alter the software, user licence or installer in any way.

This notice may not be removed or altered from any distribution.

You may not resell or charge for the software.

You may not reverse engineer, decompile, disassemble, derive the source code of or modify [or create derivative work from] the program.

You must not use CCleaner to engage in or allow others to engage in any illegal activity.

You may not claim any sponsorship by, endorsement by, or affiliation with our company.

You acknowledge that Piriform owns the copyright and all associated intellectual property rights relating to the software.

Password Safe

http://passwordsafe.sourceforge.net/

Only works on Windows

Stores all your passwords in a single encrypted database

Automatically generates secure passwords

Allows you to copy/paste passwords

“Autotype”

Password Safe Licensing

Open source

Creative Commons Artistic License 2.0

“You are permitted to use the Standard Version and create and use Modified Versions for any purpose without restriction, provided that you do not Distribute the Modified Version.”

Web of Trust

http://www.mywot.com/

Works on: Windows, Mac OS X, Linux

Compatible with: Firefox, Google Chrome, Internet Explorer, Safari

Community-based website rating browser add-on

Green means safe

Yellow means caution

Red means stop

Web of Trust Licensing

 WOT hereby grants to you and you fully accept, upon delivery, a personal, limited, non exclusive and non-transferable right to use the Services. This license enters into force through aforementioned procedure and no title shall pass to you. In addition to the license granted in this section, you shall have the right to access the Services in accordance with the Terms. The license does not allow you to use WOT name, WOT trademarks or other commercial symbols. All rights and licenses not expressly granted to you under this agreement shall be retained by WOT.

File Shredder

 http://www.fileshredder.org

Works on: Windows NT, Windows 2000, Windows XP, Windows 2003 Server, Windows Vista

Shred Files and Folders

Shred Free Disk Space

File Shredder Licensing

File Shredder is released under GNU/GPL General Public License. It is free for both personal and commercial use.

The SOFTWARE PRODUCT is protected by copyright laws and international copyright treaties. The SOFTWARE PRODUCT is licensed, not sold. This EULA does not give you any license to the copyrights or other intellectual property rights. All rights not expressly granted by this EULA are reserved to ("AUTHOR").

DISTRIBUTION: You may distribute this program in unmodified form via electronic means or on CD compilations. You may not sell this program.

Truecrypt

http://www.truecrypt.org/

Creates a virtual encrypted disk within a file and mounts it as a real disk.

Encrypts an entire partition or storage device such as USB flash drive or hard drive.

Encrypts a partition or drive where Windows is installed (pre-boot authentication).

Encryption is automatic, real-time (on-the-fly) and transparent.

Parallelization and pipelining allow data to be read and written as fast as if the drive was not encrypted.

Encryption can be hardware-accelerated on modern processors.

Provides plausible deniability, in case an adversary forces you to reveal the password: Hidden volume (steganography) and hidden operating system.

Truecrypt Licensing

Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions:

The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required.

Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software.

This notice may not be removed or altered from any source distribution.

Oracle VirtualBox

         http://www.virtualbox.org

Works on Windows, OSX, Linux, & Solaris

“Guest Additions” for Windows, Linux, & Solaris

Shared Folders

Snapshots

“Seamless Mode”

Built in VNC Server

Mostly open source

Closed source features currently include: RDP Server, USB Support, USB over RDP

Oracle VirtualBox Licensing

Oracle grants you a personal, non-exclusive, non transferable, limited license without fees to reproduce, install, execute, and use internally the Product a Host Computer for your Personal Use, Educational Use, or Evaluation.

“Personal Use” requires that you use the Product on the same Host Computer where you installed it yourself and that no more than one client connect to that Host Computer at a time for the purpose of displaying Guest Computers remotely.

“Educational use” is any use in an academic institution (schools, colleges and universities, by teachers and students).

“Evaluation” means testing the Product for a reasonable period (that is, normally for a few weeks); after expiry of that term, you are no longer permitted to evaluate the Product.

TrendMicro Rootkit Buster

http://free.antivirus.com/rootkit-buster/

Scans for:

Hidden Files

Hidden Registry Entries

Hidden Processes

Hidden Drivers

Hooked System Services

MBR Rootkits

Works on:

Microsoft Windows 2000 Professional/Server/Advanced Server

Microsoft Windows 2003 Standard/Web/Data Center/Enterprise Server

Microsoft Windows XP Home/Professional with SP2 or above

Windows Vista SP1/without a service pack

x64 operating systems are not supported.

Sysinternals Autoruns

http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

Shows you what programs are configured to run during system bootup or login in the order Windows processes them including:

Startup folder

Run, RunOnce, and other Registry keys

Explorer shell extensions

Toolbars

Browser helper objects

Winlogon notifications

Auto-start services

Sysinternals Process Explorer

http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

Task Manager on steroids

Shows you information about which handles and DLLs processes have opened or loaded

Sysinternals Process Monitor

http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx

 Shows real-time file system, registry and process/thread activity

Sysinternals Licensing

Subsidiary of Microsoft, purchased in 2006

“There is no limit to the number of times you may install and use the software on your devices or those you support.”

“Microsoft has no plans to remove or charge for these tools”

“All Sysinternals tools are offered 'as is' with no official Microsoft support”

“We are not offering any distribution licenses, even if the 3rd party is distributing them for free. We encourage people to download the utilities from our download center where they can be assured to get the most recent version of the utility.”

Read the EULAs!

 A number of “free” tools may not be free the way that you’re using them

Popular “free” tools with license restrictions

MalwareBytes

Spybot

VMWare Player

MalwareBytes Licensing

 Subject to the restrictions below, you may use the Malwarebytes' Software for any legitimate purpose.

In return, we simply require that you agree: 1. Not to use this software for commercial use without proper licensing.

“The Technician's license would allow a single technician to install, scan, detect and remove malware from any of your internal computers one at a time and uninstall when complete… The pricing breakout is 75.00 GBP ($119.13 at the time of writing) per technician per year …”

Spybot Licensing

Corporate use:

As companies are not individual persons and would have problems fulfilling the above terms, there is a license for corporate users …

At time of writing Corporate Edition was $132.50 for a single computer

VMWare Player Licensing

 VMware Player is intended for your own personal non-commercial use only. Player is only distributable with written agreement from VMware.