I came across this issue today… thankfully my network environement security uses both eTrust and Tripwire, so this should not be a big problem here, but I think it’s should be watched for. Basically, this is a way to hide spyware or incriminating (hacker) tools by casting or forking the file into another file. The original size will show the same and even the actual running process is hidden from process explorers, the only thing that changes is the modification date. Also, this only runs on NTFS and moving the file to another file system will corrupt the hidden file. Read more »
Archive for April, 2008
Alternate Data Streams… WARNING
Posted in Network Security, Tutorials/Whitepapers, Virus Alerts, Windows with tags perl script ADS windows ntfs hidden file on April 29, 2008 by trizText Formatting Perl Script
Posted in Linux, Microsoft Office, Perl Scripts, Tutorials/Whitepapers, Windows with tags Perl Script Linux Windows text formatting on April 25, 2008 by trizHere is a pretty basic Perl script that will take a tab seperated file and format it accoring to the arguments you pass with the command. This script will only work if the file has three fields, but can be edited for more. I am working on a way to unlimit this using arrays, but have not found a working solution yet. Also, this script is protable to windows. Just edit the environment path to reflect where your perl executable is located. Code below: Read more »
Multiple host ping sweep Perl script
Posted in Linux, Network Security, Perl Scripts, Tutorials/Whitepapers, Windows with tags Perl, ping sweep, Scripts on April 14, 2008 by trizHere is one of the first Perl scripts I wrote at work. I was tasked with verify host connectivity after some desktop patches were pushed out. So instead of manually pinging each one, and I already had a text file with all the affected hostnames, I decided to put together a little script that would read from the text file and print out whether the host was up or down.
So, for this to work you will need a file called hosts.txt with a list of hostnames or IP address. Also, very simple shell script to read txt file into perl script. I could have excluded the shell script and just used Perl to open the file and add each line to an array, which would loop thru and do the same thing… it is on my TODO, but as it is, this works fine, and there’s always another script that needs to be written. Check it out. Read more »
Featured Site is Back UP
Posted in Expect Scripts, Firewalls, Linux, Microsoft Office, Network Security, Tutorials/Whitepapers, Virus Alerts, Windows, Wireless with tags featured site security on April 11, 2008 by trizThe featured site Networksecuritytech.com is back online… check it out… and hit it hard. There is a lot of good content on there… same theme as my blog, but censored….
