Review: PestPatrol 3.0 - Page 2
Pete Cafarchio, PestPatrol's VP of Marketing, maintains that this is the only tool that will search for and find cracker tools, or such prominent backdoor programs as SubSeven, which will give an outsider 'ownership' of a machine. "Most security programs will watch ports to make sure nothing illicit can get in, but few will look at outgoing traffic on common ports such as Port 80, used for HTTP," he says. "Once a RAT such as SubSeven has taken hold, your internal machines can become zombies for use in Distributed Denial of Service (DDoS) attacks."
PestPatrol can also be used as a plug-in for other programs, such as MailSweeper, for examining e-mail and attachments.
If you're running PestPatrol on your networked machines, clearly you'll need to spend some time planning the exact parameters you'll want to invoke for your particular needs and strategy. Remote machines can be forced to use a Secure Configuration Verification and establish a clean bill of health before being allowed to connect to a VPN, for example.
The best way to become familiar with the program's capabilities is by running the GUI version. We installed the program and found it to be a quick and simple enough process to get it configured and running its first complete scan. Four tabs at the top of the relatively uncluttered window determine your current mode, and each offers subsets:
Scan's first tab is Scan Now, which allows you to begin a scan on selected directories or drives. Monitor Progress keeps you up-to-date on the current findings as the scanner runs. Analyze a File gives you the capability of putting any one file under examination, and returns comprehensive information on it:
File: C:\Documents and Settings\user\Cookies\firstname.lastname@example.org
Creation Date: 05/08/2001
Last Access: 02/08/2002
Last Write: 05/08/2001
Size: 111 bytes
PVT (Pest Verification Token): -2146243967
Pest: Not a known pest
File Type: .txt file.
Compression: No compression or unknown compression method.
Language: Unknown Language.
Strings found of 2+ characters (first 4K bytes): cyberglobalanonymous cyberglobalanonymous ctg000ebecf994c3af82 engage com 219459072 30150118 548976544 29415461
Caution: Use this automated file analysis with caution. Please do not substitute these results for good judgment.
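An added example (not PestPatrol's code and not part of the original review) of the kind of single-file triage the Analyze a File report above shows: size, timestamps, a compression check by magic bytes, and strings of 2+ characters from the first 4K bytes. It assumes a "string" is an alphanumeric run, which is inferred from the sample output ("engage com"); the function names and the sample file contents are constructed.

```python
import os
import re
import tempfile
from datetime import datetime, timezone

HEAD_BYTES = 4096                       # "first 4K bytes", as in the report above
RUN = re.compile(rb"[A-Za-z0-9]{2,}")   # assumption: a "string" is an alphanumeric run of 2+ chars
MAGIC = {                               # well-known container signatures
    b"PK\x03\x04": "zip",
    b"\x1f\x8b": "gzip",
    b"BZh": "bzip2",
}

def _day(ts):
    # Format a POSIX timestamp as MM/DD/YYYY (UTC), matching the report's date style.
    return datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%m/%d/%Y")

def analyze_file(path):
    """Return a triage report for one file, shaped like the listing above.
    Creation date is left out: os.stat has no portable creation time."""
    st = os.stat(path)
    with open(path, "rb") as fh:
        head = fh.read(HEAD_BYTES)
    compression = next((name for sig, name in MAGIC.items() if head.startswith(sig)), None)
    return {
        "file": path,
        "last_access": _day(st.st_atime),
        "last_write": _day(st.st_mtime),
        "size": st.st_size,
        "compression": compression or "No compression or unknown compression method.",
        "strings": [m.decode("ascii") for m in RUN.findall(head)],
    }

def demo():
    # Constructed sample: a cookie-style text file with made-up values.
    sample = b"sessionid\nab12cd34\nexample.test/\n0\n1234567890\n*\n"
    with tempfile.NamedTemporaryFile(delete=False, suffix=".txt") as tmp:
        tmp.write(sample)
    try:
        return analyze_file(tmp.name)
    finally:
        os.unlink(tmp.name)

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Single-character fields such as the `0` flag line and the `*` terminator drop out of the strings list, and `example.test/` splits into two strings, the same way the domain does in the report above.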