I have been using Winguardian. I have had no problems with the program. It emails me flawlessly (I am on a corporate lan, I do not know how this function works on a dial up, I haven't tested it yet) In my environment it leaves no record of a sent email. As far as where it runs, the output log file resides in the windows/system subdirectory under an inconspicuous name. The program file is hidden further in the directory tree. It does not show up as a running program and the program is accessed using a keystroke combination that the user sets. I would recommend not capturing screenshots if you do not plan on returning to the target system for a while. The log file does tend to get large with screenshots and if the drive is small will definately cause performance issues. The program will be discovered if the suspect is using a program such as who's watching me. But for a quick investigation, the program can be pushed down through the lan, the output emailed, and the suspect never knows a thing was changed. (assuming that the suspect is not a paranoid computer savy individual who runs hashes against his or her system daily) ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Oct 04 2001 - 17:40:15 PDT