User:Ikester/CastleCops

CastleCops.com (formerly known as computercops.biz) is a globally oriented security and privacy site based in New Jersey. Paul Laudanski (AKA User:Zhen-Xjell) started the site Feb 22, 2002 with focus in online security and privacy information in a community environment. Since then, the site also focuses on Spyware/Malware. Discussion topics cover security software, support/troubleshooting services, identity protection, browser hijacking cleanup^[2], tutorials, news, downloads, roughly 200 forums, and software reviews.

Site features

CastleCops.com allows its users to submit reviews of security and privacy products and read reviews written by others. CastleCops also delivers news covering security and privacy online.

File:Ccsp.jpg

CastleCops.com [1] main page rendered in Internet Explorer.

Other site services include a Wiki for community documentation and guides, blogs, port scanning, downloads, news, hijack cleaning, and computer troubleshooting.

The site is written in PHP, is delivered by Apache, and uses MySQL for its database. The discussion forums use phpBB as the engine, and the wrapper is a custom PHP-Nuke.

Community

CastleCops.com operates close to 200 forums whose underlying focus is security and privacy. The site hosts the official forums for "Adshield", "Firetrust's Benign, Mailwasher, Firstalert! and Encrypt", "Proxomitron", "Prevx", "Paul Collins' aka pacman StartupList", "Sphinx-Soft", "Sunbelt Software Counterspy", and "Winpatrol".

Research Databases

CastleCops maintains master copies of spyware databases. These Hijackthis databases assist researchers and users in identifying objects as spyware, legitimate, or questionable in the various sections typically preceded with "R"^[3], "O", "F"^[4], or "N"^[5] and then a number. Currently the following O section lists are publicly accessible from the home page:

• Windows Startups (O4)^[6]
• NT/XP Services (O23)^[7]
• Internet Explorer Extra Buttons (O9)^[8]
• Layered Service Providers
• Browser Helper Objects (BHOs - O2)^[9]
• Toolbars (O3)^[10]
• Extra Protocol and Protocol Hijackers (O18)^[11]
• AppInit_DLLs and Winlogon Notify (O20)^[12]
• ShellServiceObjectDelayLoad (O21)^[13]

The following lists will also soon be made publicly accessible:

• ActiveX (O16) ^[14]

The site's lists can be accessed via different routes:

• Web Browser
• [BHODemon]
• [BHOList]
• Windows INI
• RSS Feeds

These lists brought the site, along with several other security sites [15], cease and desist letters. The most noteable was iDownload/iSearch which was written about at Slashdot and Broadbandreports [16], TechWeb, The Inquirer, and ZDNet's Spyware Confidential.

See Also

Several security forum sites exist that offer browser hijacking cleanup services. One such group called Alliance of Security Analysis Professionals [17] has dozens of websites. Some noteable websites which are not part of this group are Wilders Security [18] (home to SpywareBlaster support), Net-Integration [19] (home to Spybot S&D support), and BBR Security [20]. Another site to check out is Tech_Support_Forum.

References

• ^ TechTV Call For Help. "Tabbed Browsing, Stop Browser Hijackers, Set Up a Spycam". [21]
• ^ "F0, F1 - Autoloading programs". [22]
• ^ "N1, N2, N3, N4 - Netscape/Mozilla Start/Search pages URLs". [23]
• ^ "R0, R1, R2, R3 - Internet Explorer Start/Search pages URLs". [24]
• ^ "O2 - Browser Helper Objects". [25]
• ^ "O3 - Internet Explorer toolbars". [26]
• ^ "O4 - Autoloading programs from Registry". [27]
• ^ "O9 - Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu". [28]
• ^ "O16 - ActiveX Objects (aka Downloaded Program Files)". [29]
• ^ "O18 - Extra protocols and protocol hijackers". [30]
• ^ "O20 - AppInit_DLLs Registry value autorun". [31]
• ^ "O21 - ShellServiceObjectDelayLoad". [32]
• ^ "O23 - Windows NT/Windows XP Services". [33]

External links

• CastleCops Home Page
• CastleCops Wiki