Thor Larholm from PivX Solutions has an article on SecurityFocus
that is a response to a previous
article that claimed Linux was inherently less prone to viruses than
My security tip for the evening
(morning): Create a program called Program.exe
and place it in the root of your C:
drive. This program should take its command-line arguments and the name of the
logged-in user, and write this info to the event log. Then if it is running
under an interactive account, it should display this information in a dialog.
The file should be ACLed so only Administrators can change it. In JScript, the
core code is as easy as:
args : String = Environment.GetCommandLineArgs()
var command : String = args.join(" ")
var e : EventLog = new EventLog("Application")
e.Source = "Insecure CreateProcess call"
var name : String = WindowsIdentity.GetCurrent().Name
e.WriteEntry(command + "\r\n\r\nRunning as: "