Le Rapporteur spécial de l’ONU sur la promotion et la protection de la liberté d’opinion et d’expression, David Kaye, demande que les gouvernements renoncent aux lois…
This app is designed to safely test that your antivirus product detects viruses and other harmful applications. It is based on the security industry standard test file recommended by European Institute for Computer Anti-Virus Research (EICAR) for testing antivirus software. The app is completely harmless.
When you download this app, your virus protection software should detect it as infected and recommend you to uninstall it. The app also works with any PC security software, but please note that your PC antivirus may automatically remove or quarantine it.
Top 10 Secure Coding Practices
Validate input. Validate input from all untrusted data sources. Proper input validation can eliminate the vast majority of software vulnerabilities. Be suspicious of most external data sources, including command line arguments, network interfaces, environmental variables, and user controlled files [Seacord 05].
Heed compiler warnings. Compile code using the highest warning level available for your compiler and eliminate warnings by modifying the code [C MSC00-A, C++ MSC00-A]. Use static and dynamic analysis tools to detect and eliminate additional security flaws.
Architect and design for security policies. Create a software architecture and design your software to implement and enforce security policies. For example, if your system requires different privileges at different times, consider dividing the system into distinct intercommunicating subsystems, each with an appropriate privilege set.
Keep it simple. Keep the design as simple and small as possible [Saltzer 74, Saltzer 75]. Complex designs increase the likelihood that errors will be made in their implementation, configuration, and use. Additionally, the effort required to achieve an appropriate level of assurance increases dramatically as security mechanisms become more complex.
Default deny. Base access decisions on permission rather than exclusion. This means that, by default, access is denied and the protection scheme identifies conditions under which access is permitted [Saltzer 74, Saltzer 75].
Adhere to the principle of least privilege. Every process should execute with the the least set of privileges necessary to complete the job. Any elevated permission should be held for a minimum time. This approach reduces the opportunities an attacker has to execute arbitrary code with elevated privileges [Saltzer 74, Saltzer 75].
Sanitize data sent to other systems. Sanitize all data passed to complex subsystems [C STR02-A] such as command shells, relational databases, and commercial off-the-shelf (COTS) components. Attackers may be able to invoke unused functionality in these components through the use of SQL, command, or other injection attacks. This is not necessarily an input validation problem because the complex subsystem being invoked does not understand the context in which the call is made. Because the calling process understands the context, it is responsible for sanitizing the data before invoking the subsystem.
Practice defense in depth. Manage risk with multiple defensive strategies, so that if one layer of defense turns out to be inadequate, another layer of defense can prevent a security flaw from becoming an exploitable vulnerability and/or limit the consequences of a successful exploit. For example, combining secure programming techniques with secure runtime environments should reduce the likelihood that vulnerabilities remaining in the code at deployment time can be exploited in the operational environment [Seacord 05].
Use effective quality assurance techniques. Good quality assurance techniques can be effective in identifying and eliminating vulnerabilities. Fuzz testing, penetration testing, and source code audits should all be incorporated as part of an effective quality assurance program. Independent security reviews can lead to more secure systems. External reviewers bring an independent perspective; for example, in identifying and correcting invalid assumptions [Seacord 05].
Adopt a secure coding standard. Develop and/or apply a secure coding standard for your target development language and platform.
Bonus Secure Coding Practices
Define security requirements. Identify and document security requirements early in the development life cycle and make sure that subsequent development artifacts are evaluated for compliance with those requirements. When security requirements are not defined, the security of the resulting system cannot be effectively evaluated.
Model threats. Use threat modeling to anticipate the threats to which the software will be subjected. Threat modeling involves identifying key assets, decomposing the application, identifying and categorizing the threats to each asset or component, rating the threats based on a risk ranking, and then developing threat mitigation strategies that are implemented in designs, code, and test cases [Swiderski 04].
Version: 0.9.2.1200 | Platform: Windows | Category: Security Utilities | Total Downloads: 2,429 | Downloads last week: 1,238
Added on July 01, 2013Malwarebytes Anti-Exploit BETA, formerly known as ExploitShield by ZeroVulnerabilityLabs, is a security program that protects you from zero-day exploits that target browser and application vulnerabilities. This program is meant to run alongside your traditional anti-virus or anti-malware products and provides extra protection against software and Windows vulnerabilities that are discovered, but do not have a patch available to fix them.
Version: 3.7 | Platform: Windows | Category: Anti-Virus | Total Downloads: 64,437 | Downloads last week: 4,939
Added on April 03, 2013HitmanPro is an anti-virus program that describes itself as a second opinion scanner that should be used in conjunction with another anti-virus program that you may already have installed. If malware slips past your anti-virus software, HitmanPro will then step in to detect it. Though SurfRite bills themselves as a second opinion scanner that does not mean that you cannot use the program as your primary anti-virus product. This is because its scanning technology not only incorporates its own virus definitions but also has the ability to scan files on your computer with the definitions of 5 other anti-virus vendors.
Version: 18.104.22.168 | Platform: Windows | Category: Security Utilities | Total Downloads: 26,566 | Downloads last week: 2,778
Added on June 11, 2013Shortcut Cleaner is a utility that will scan your computer for Windows shortcuts that have been hijacked by unwanted or malicious software. When Shortcut Cleaner finds bad shortcuts, it will automatically clean them so that they do not open unwanted programs.
Version: 1.01.0.1021 | Platform: Windows | Category: Rootkit Scanner | Total Downloads: 90,574 | Downloads last week: 2,361
Added on March 21, 2013Malwarebytes Anti-Rootkit is a free program that can be used to search for and remove rootkits from your computer. When started, Malwarebytes Anti-Rootkit will scan your computer and allow you to remove any rootkits that it finds.
Platform: Windows | Category: Security Utilities | Total Downloads: 133,715 | Downloads last week: 9,822
Added on December 14, 2012Junkware Removal Tool is a security utility that searches for and removes common adware, toolbars, and potentially unwanted programs (PUPs) from your computer. A common tactics among freeware publishers is to offer their products for free, but bundle them with PUPs in order to earn revenue. This tool will help you remove these types of programs.
Platform: Windows | Category: Security Utilities | Total Downloads: 1,516,212 | Downloads last week: 88,061
Added on July 11, 2013AdwCleaner is a program that searches for and deletes Adware, Toolbars, Potentially Unwanted Programs (PUP), and browser Hijackers from your computer. By using AdwCleaner you can easily remove many of these types of programs for a better user experience on your computer and while browsing the web.
Platform: Windows | Category: Security Utilities | Total Downloads: 13,139 | Downloads last week: 419
Added on January 16, 2013SecurityCheck is a program that searches for installed and running security programs on a user’s program. After it is finished, SecurityCheck will then display a log file that contains information about the security programs found on your computer and the status of security services such as Windows Firewall.
Platform: Windows | Category: Security Utilities | Total Downloads: 122,826 | Downloads last week: 6,088
Added on October 01, 2012RogueKiller is a security tool that can be used to terminate and remove malicious processes and programs from your computer. RogueKiller has the ability to remove infections such as ZeroAccess, TDSS, rogue anti-spyware programs, and Ransomwares.
Platform: Windows | Category: Anti-Spyware | Total Downloads: 30,704 | Downloads last week: 815
Added on September 27, 2012SUPERAntiSpyware is a free anti-spyware program that offers excellent detections and quick removal of common infections. As malware is constantly evolving and new variants are released, there is not one particular security program that will be able to protect you from all threats. Therefore it is important to have a variety of programs in your security toolbox that you can use to scan your computer for malware and aid you in their removal. SUPERAntiSpyware is definitely one of the programs that you want to have at your disposal.
Version: 3.0 | Platform: Windows | Category: Monitoring Software | Total Downloads: 17,859 | Downloads last week: 309
Added on August 07, 2012Secunia PSI is a tool that can be used to monitor your installed applications for new updates. When started, Secunia PSI will scan your computer for applications and install any updates that are available for them. This allows your computer to remain secure from possible vulnerabilities in your installed programs.Platform: Windows | Category: Security Utilities | Total Downloads: 11,833 | Downloads last week: 178
Added on August 24, 2012BlitzBlank is an advanced system administration tool that allows you to disable drivers, delete files, folders, Windows Registry keys and values that are in-use or locked by malware. BlitzBlank also includes the ability to create scripts for removing multiple files, folders, and Registry information at once in order to avoid malware recreating the files and locking them again. This tool should only be used by advanced system administrators and IT professionals due to its ability to delete almost any file or folder.
Platform: Windows | Category: Anti-Virus | Total Downloads: 115,794 | Downloads last week: 718
Added on January 27, 2013Emsisoft Emergency Kit is a collection of standalone security programs and scanners that can be run from a USB key, bootable CD/DVD, or from within Windows Safe Mode without having to download and install a full security product. This program is very useful for infections, such as Ransomware, that cannot be removed while the infections are active or while logged into Windows.
Platform: Windows | Category: Security Utilities | Total Downloads: 30,667 | Downloads last week: 625
Added on July 24, 2012OTL, or OldTimer ListIt, is a tool that is used to diagnose a computer for a possible malware presence and to provide system diagnostics information that can by someone working on a computer. When run, OTL will scan your computer for a variety of information and then generate a report with a tremendous amount of information about your computer’s hardware, programs, files, and running environment.
Version: 2.0.4 | Platform: Windows | Category: Security Utilities | Total Downloads: 112,015 | Downloads last week: 1,991
Added on August 24, 2012HijackThis is a program that can be used to quickly spot home page hijackers and startup programs that you do not want to start automatically. This program is a not anti-virus program, but rather a enumerator that lists programs that are starting up automatically on your computer as well as other configuration information that is commonly hijacked.
Platform: Windows | Category: Security Utilities | Total Downloads: 12,752 | Downloads last week: 227
Added on June 02, 2012Hosts-perm.bat is a batch file that will reset the permissions for the Windows HOSTS file. In the event that you attempt to delete or modify the HOSTS file and receive a message stating that you do not have permission, you can use the Hosts-perm.bat to reset the permissions so that you can properly access it.
Platform: Windows | Category: Security Utilities | Total Downloads: 13,638 | Downloads last week: 206
Added on June 13, 2012ListParts is a small utility that will create a log that contains a listing of all the hard drive partitions on your computer, which can then be posted on the forum that you are receiving help. This tool is useful for diagnosing rootkit infections that create additional hidden partitions on your computer.
Version: 1.3 | Platform: Windows | Category: Security Utilities | Total Downloads: 3,365 | Downloads last week: 45
Added on May 09, 2013VT Hash check adds a context menu item for all files allowing you to quickly search VirusTotal.com for matching files and their corresponding malware reports.
Platform: Windows | Category: Security Utilities | Total Downloads: 13,037 | Downloads last week: 234
Added on May 30, 2012GrantPerms is a small portable tool that can be used to check permissions or unlock multiple files and folders. It is useful in cases where malware locks security files and system files and prevent them from running even after the malware is removed.
Platform: Windows | Category: Security Utilities | Total Downloads: 59,263 | Downloads last week: 1,331
Added on June 26, 2012MiniToolBox detects Internet connection issues due to broken or hijacked LSP, proxy settings, and problems with network adapters. It can also be used to detecte search redirections and router hijackings.
Platform: Windows | Category: Security Utilities | Total Downloads: 143,221 | Downloads last week: 4,139
Added on April 22, 2013Farbar Recovery Scan Tool, or FRST, is a portable application designed to run on Windows XP, Windows Vista, Windows 7 and Windows 8 in normal or safe mode to diagnose malware issues.Platform: Windows | Category: Security Utilities | Total Downloads: 85,921 | Downloads last week: 1,770
Added on July 02, 2013Farbar Service Scanner allows you to diagnose network connectivity issues due to corrupted or missing Windows services.
Version: 22.214.171.124 | Platform: Windows | Category: Anti-Virus | Total Downloads: 10,507,380 | Downloads last week: 155,855
Added on January 29, 2013ComboFix is a program, created by sUBs, that scans your computer for known malware, and when found, attempts to clean these infections automatically. In addition to being able to remove a large amount of the most common and current malware, ComboFix also displays a report that can be used by trained helpers to remove malware that is not automatically removed by the program.
Platform: Windows | Category: Rootkit Scanner | Total Downloads: 11,231 | Downloads last week: 162
Added on May 21, 2012Vba32 AntiRootkit is an advanced Rootkit scanner from VirusBlockAda. This free scanner will search for kernel-mode rootkits, suspicious autoruns, and hidden processes. VBA AntiRootkit is an advanced tool as it does not perform an automatic scan and removal. Instead it displays any possible issues, which you will then have to decide how to act upon.
Platform: Windows | Category: Rootkit Scanner | Total Downloads: 9,051 | Downloads last week: 165
Added on May 21, 2012McAfee Labs Rootkit Remover is a free stand-alone product that scans your computer for Rootkits and attempts to remove them. This version of Rootkit Remover is limited as it only detected and removes the ZeroAccess and TDSS family of rootkits.
Platform: Windows | Category: Rootkit Scanner | Total Downloads: 8,489 | Downloads last week: 152
Added on May 20, 2012Panda Anti-Rootkit is a free rootkit scanner from Panda Security. This program will scan your computer for Rootkits and attempt to remove them.
Platform: Windows | Category: Anti-Virus | Total Downloads: 12,383 | Downloads last week: 194
Added on May 20, 2012The Sophos Virus Removal Tool is a stand-alone program that allows you to perform a quick scan of your computer for computer viruses. If any infections are found it will attempt to remove them for free. As this program only scans your computer and remove any infections it finds, it can be used even if you have another anti-virus product installed.
Platform: Windows | Category: Rootkit Scanner | Total Downloads: 16,200 | Downloads last week: 289
Added on June 03, 2013Trend Micro RootkitBuster is a program that will scan your computer for Rootkits. This scanner will scan for rootkits that are using the latest technology including Master Boot Record (MBR) infections.
Platform: Windows | Category: Rootkit Scanner | Total Downloads: 7,693 | Downloads last week: 123
Added on May 19, 2012RootRepeal is a rootkit scanner thatRootRepeal is a rootkit scanner that scans for kernel-mode drivers, whether they are hidden, or if the driver file is hidden on disk. It also has the ability to look for hidden files, hidden process, SSDT hooks, hidden services, and stealth objects.
Platform: Windows | Category: Rootkit Scanner | Total Downloads: 7,116 | Downloads last week: 111
Added on May 19, 2012RootkitRevealer is a rootkit scanner from Microsoft Sysinternals. This program will search for user-mode or kernel-mode rootkits and list any API discrepancies that are found.
Platform: Windows | Category: Security Utilities | Total Downloads: 125,414 | Downloads last week: 801
Added on August 24, 2012FixExec is a program that is designed to fix executable file associations for the .bat, .exe, and .com file extensions. If the program detects any of these associations are missing, changed, or hijacked, the settings will be set back to the original Windows defaults. When file associations for batch, executable, or COM files are changed it could cause your executables to no longer start. If you are looking for FixNCR.reg, this file replaces FixNCR with greater functionality.Version: 126.96.36.199 | Platform: Windows | Category: Security Utilities | Total Downloads: 1,961,881 | Downloads last week: 37,963
Added on June 03, 2013RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes so that your normal security software can then run and clean your computer of infections. When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies that stop us from using certain tools. When finished it will display a log file that shows the processes that were terminated while the program was running.
Version: 188.8.131.52 | Platform: Windows | Category: Security Utilities | Total Downloads: 343,891 | Downloads last week: 1,568
Added on November 24, 2012Unhide is a program that reverts back the changes made to your files and Windows Registry by the rogue.FakeHDD family of rogue anti-spyware program. This family of malware pretends to be a hard disk repair and system optimization program for Windows. In reality, though, these programs are computer infections that deliberately hide your files and change certain settings in the Windows Registry to make it appear that you have lost data on your hard drive. It will then prompt you to purchase the program to restore the data.
Platform: Windows | Category: Security Utilities | Total Downloads: 20,737 | Downloads last week: 244
Added on May 17, 2012
If you have a CD or DVD emulation software installed, it may make it harder to get accurate scan results when you scan your computer with a anti-rootkit scanner. Due to this it is wise to first disable these emulation programs before scanning your computer so that the scan results are more accurate.
Version: 184.108.40.2060 | Platform: Windows | Category: Anti-Spyware | Total Downloads: 1,718,986 | Downloads last week: 28,996
Added on April 10, 2013Malwarebytes is a light-weight anti-malware program that is excellent at removing the latest detections. This program is recommended as a support product for your normal anti-virus program.
Platform: Windows | Category: Rootkit Scanner | Total Downloads: 715,665 | Downloads last week: 20,728
Added on August 24, 2012TDSSKiller is a utility created by Kaspersky Labs that is designed to remove the TDSS rootkit. This rootkit is know under other names such as Rootkit.Win32.TDSS, Tidserv, TDSServ, and Alureon. TDSSKiller will also attempt to remove other rootkits such as the ZeroAccess or ZeroAccess rootkit if it is detected.
Version: 2.1 | Platform: Windows | Category: Rootkit Scanner | Total Downloads: 22,389 | Downloads last week: 333
Added on April 19, 2013GMER is a anti-rootkit scanner that searchs your computer for Rootkits on your computer and then allows you to attempt to remove them.
Platform: Windows | Category: Rootkit Scanner | Total Downloads: 50,931 | Downloads last week: 840
Added on August 24, 2012aswMBR is a anti-rootkit scanner that searchs your computer for Rootkits that infect the Master Boot Record, or MBR, of your computer. This includes the TDL4/3, MBRoot (Sinowal), and Whistler rootkits. For this program to properly work it must first download the Avast virus definitions, so you will need an active Internet connection before using it.
Tips: Chattr : une commande pour empêcher la suppression des fichiers et répertoires | crowd42crowd42
Under GNU/Linux if you use
sudo chattr +i file
sudo chattr -i file
you can protect (and respectively remove the protection) a file against deletion even by the root account!
The parameter “-R” allows to do the same for a directory:
sudo chattr +i -R directory
sudo chattr -i -R directory
This tool seems to be installed by default in all the GNU/Linux distributions.
Good to know 🙂
A few days ago, I discussed with a supposedly IT expert and professional that gave me the “Apple & Mac OS products do not need any security softwares (anti-virus & all)” and “there is no such thing as a malware on Apple products” speech. Since the first danger is blissful ignorance, we decided to relay some links here and leave you the conclusion. By this post, we do not make any judgment on any product. We are merely relaying existing public information.
Here is a few links regarding this allegation:
- Mac malware found in malformed Word documents – is China to blame?
- Does apple recommend running anti-virus software with snow leopard? ”
It is always wise to have protection. Even with Mac’s being a low target of viruses. Typically you can pick up a computer virus although, it might not affect your Mac you can pass it on to your Windows Friends/Co-workers. Rather you use Snow Leopard or any other version of Mac OS you should consider an antivirus software. However, I would not rush out in panic.
- Apple suggests Mac users install antivirus software: “Apple is recommending that Mac users install antivirus software.”
- As they did in June 2007, Apple again encourages Mac users to use multiple antivirus utilities
- Apple quietly recommends using antivirus software
- OS X Mountain Lion: Protect your Mac from malware
- OS X Mountain Lion: What is malware?
- How to avoid or remove Mac Defender malware : From support.apple.com “A recent phishing scam has targeted Mac users by redirecting them from legitimate websites to fake websites which tell them that their computer is infected with a virus. The user is then offered Mac Defender “anti-virus” software to solve the issue.”
- Mac OS X Snow Leopard and malware detection
- OS X Lion: Protect your Mac from malware