Program that hides apps and files

Discussion in 'Computer Security' started by johns, Dec 31, 2003.

  1. johns

    johns Guest

    Seems there is a program available from the hacker sites
    that can hide games, p2p apps, mp3s, etc in the system
    directory in folders that are not normally available to
    the user .. even the admin. The program itself can reside
    "off the computer" on a zip disk, and when run on the
    system .. even as a low level user .. gives that person
    access to these hidden resources. Does anybody have
    any idea what program this is? If I can get the name of
    the .exe, I can block it, but right now, it is sacking my
    labs, and servers. IT Security can see the illicit traffic,
    but then it is too late. I need to know what app this is.

    thanks
    johns
    johns, Dec 31, 2003
    #1

  2. In article <bsvahn$2ikq$>, x says...
    > Seems there is a program available from the hacker sites
    > that can hide games, p2p apps, mp3s, etc in the system
    > directory in folders that are not normally available to
    > the user .. even the admin. The program itself can reside
    > "off the computer" on a zip disk, and when run on the
    > system .. even as a low level user .. gives that person
    > access to these hidden resources. Does anybody have
    > any idea what program this is? If I can get the name of
    > the .exe, I can block it, but right now, it is sacking my
    > labs, and servers. IT Security can see the illicit traffic,
    > but then it is too late. I need to know what app this is.
    >
    > thanks
    > johns
    >
    >
    >



    pick your poison:

    http://www.google.com/search?sourceid=navclient&ie=UTF-8&oe=UTF-8&q=hide+file+share+folder+files



    --
    Colonel Flagg
    http://www.internetwarzone.org/

    Privacy at a click:
    http://www.cotse.net

    Q: How many Bill Gates does it take to change a lightbulb?
    A: None, he just defines Darkness™ as the new industry standard..."

    "...I see stupid people."
    Colonel Flagg, Dec 31, 2003
    #2

  3. johns

    johns Guest


    > pick your poison:


    http://www.sharing-file.com

    Not funny is it. I wonder just how far this little stinker
    can go to compromising system security. This little
    rat is a p2p WEB BROWSER ?? Is that right?

    johns
    johns, Jan 1, 2004
    #3
  4. In article <bt0886$4t5$>, x says...
    >
    > > pick your poison:

    >
    > http://www.sharing-file.com
    >
    > Not funny is it. I wonder just how far this little stinker
    > can go to compromising system security. This little
    > rat is a p2p WEB BROWSER ?? Is that right?
    >
    > johns
    >
    >
    >



    beats me. don't care. I don't allow my users to install anything, let
    alone something like this.

    actually, "allow" is harsh. Some clients are completely locked down due
    to high turn-overs in employees, other clients, I advise not to, and
    because they trust me explicitly, they won't and don't.



    Colonel Flagg, Jan 1, 2004
    #4
  5. johns

    johns Guest


    > beats me. don't care. I don't allow my users to install anything, let
    > alone something like this.


    You have more authority than I on my lan. I'm running all these
    CAD programs, and the users have to be Power users with
    admin rights to specific directories. On top of that, they are
    assigned research projects that require access to Web resources
    that can push this kind of junk. Really frustrated with this
    garbage. Boneheads are hiding mp3 sharing under this sort
    of thing, and the lawsuits are flying all over. And I can't even
    see it happening until the lawyers are knocking on my office
    door.

    johns
    johns, Jan 2, 2004
    #5
  6. In article <bt2ial$22kr$>, x says...
    >
    > > beats me. don't care. I don't allow my users to install anything, let
    > > alone something like this.

    >
    > You have more authority than I on my lan. I'm running all these
    > CAD programs, and the users have to be Power users with
    > admin rights to specific directories. On top of that, they are
    > assigned research projects that require access to Web resources
    > that can push this kind of junk. Really frustrated with this
    > garbage. Boneheads are hiding mp3 sharing under this sort
    > of thing, and the lawsuits are flying all over. And I can't even
    > see it happening until the lawyers are knocking on my office
    > door.
    >
    > johns
    >
    >
    >



    if you make an effort to stop it, chances are, the fault will fall
    solely on the users. if you don't make an effort, then i'd say you'd be
    more liable.....





    Colonel Flagg, Jan 2, 2004
    #6
  7. johns

    johns Guest


    > if you make an effort to stop it, chances are, the fault will fall
    > solely on the users. if you don't make an effort, then i'd say you'd be
    > more liable.....


    I agree with that. I need some way to be able to see
    this sort of thing right away. I can firewall against it
    on my workstations ( WinXP ), and that has been
    my focus because it was the main source of the problem
    for years. Now, these programs seem to be able to
    break through server security easily ( Win2000 Server ),
    and even disable something like F-secure, as well as
    delete all evidence of its activity. The guys writing this
    stuff know much more than I do, and seem to be able
    to get around my meager efforts while remaining totally
    invisible. I'm not even sure it was students this time.
    Usually their efforts are much more visible, and a simple
    reimage fixes the mess. This one ate my server, and I
    am not even sure ITS spotted it until the media snoopers
    complained. I have got a real big problem here, and I
    don't want to get involved in a lawsuit over it.

    johns
    johns, Jan 2, 2004
    #7
  8. elsid

    elsid Guest

    Would you then be looking for software that could enforce a rule such as
    mp3's cannot be written to disk and if already there cannot be opened for
    reading?

    Robert

    "johns" <> wrote in message
    news:bt2t6d$29f2$...
    >
    > > if you make an effort to stop it, chances are, the fault will fall
    > > solely on the users. if you don't make an effort, then i'd say you'd be
    > > more liable.....

    >
    > I agree with that. I need some way to be able to see
    > this sort of thing right away. I can firewall against it
    > on my workstations ( WinXP ), and that has been
    > my focus because it was the main source of the problem
    > for years. Now, these programs seem to be able to
    > break through server security easily ( Win2000 Server ),
    > and even disable something like F-secure, as well as
    > delete all evidence of its activity. The guys writing this
    > stuff know much more than I do, and seem to be able
    > to get around my meager efforts while remaining totally
    > invisible. I'm not even sure it was students this time.
    > Usually their efforts are much more visible, and a simple
    > reimage fixes the mess. This one ate my server, and I
    > am not even sure ITS spotted it until the media snoopers
    > complained. I have got a real big problem here, and I
    > don't want to get involved in a lawsuit over it.
    >
    > johns
    >
    >
    elsid, Jan 2, 2004
    #8
  9. johns

    johns Guest


    > Would you then be looking for software that could enforce a rule such as
    > mp3's cannot be written to disk and if already there cannot be opened for
    > reading?


    It would sure be worth testing. Add spraying yellow paint
    all over the user, and I would pay bigtime :) Would gpedit.msc
    create such a rule? What do you have in mind?

    johns
    johns, Jan 3, 2004
    #9
  10. elsid spilled my beer when they jumped on the table and proclaimed in
    <>

    > For a complete description of our product see:
    >
    > http://www.crbn.com
    >
    > Attach a robot control module to it and it could very well paint the user
    > yellow.


    I prefer the verbal abuse and bludgeoning method... <G>

    NOI
    Thund3rstruc_N0i, Jan 3, 2004
    #10
  11. elsid

    elsid Guest

    For a complete description of our product see:

    http://www.crbn.com

    Attach a robot control module to it and it could very well paint the user
    yellow.

    Robert


    "johns" <> wrote in message
    news:bt5qtt$rlc$...
    >
    > > Would you then be looking for software that could enforce a rule such as
    > > mp3's cannot be written to disk and if already there cannot be opened for
    > > reading?

    >
    > It would sure be worth testing. Add spraying yellow paint
    > all over the user, and I would pay bigtime :) Would gpedit.msc
    > create such a rule? What do you have in mind?
    >
    > johns
    >
    >
    elsid, Jan 3, 2004
    #11
  12. johns

    johns Guest

    Checked it out. Too complicated. What I need is a snooper that
    can simply spot hidden mp3s ... or a program that can disallow
    *.mp3 from being written to disk. Your program is a server based
    security system that would require a trained sysad full time. I'm
    basically just a glorified lab monitor with limited time and budget.
    I can set up port blocking to a degree ... ( which I had assumed
    our ITS had done, but apparently their setup failed ) ... and I
    can reimage "suspect" systems. But these file hiders are clever
    enough to cover their tracks so that I can't spot them soon enough.
    Whatever I do, it needs to be "hands off" for the most part.
    GPEDIT.MSC does a great job against *.exe. I need something
    like that to block the loading of *.mp3

    johns
    johns, Jan 5, 2004
    #12
  13. johns

    johns Guest


    > I prefer the verbal abuse and bludgeoning method... <G>


    No kidding! I would hire some bald headed guys
    with tattoos to just sit behind every single user and
    breathe hard.

    johns
    johns, Jan 5, 2004
    #13
  14. "johns" <> wrote in message
    news:btc8il$n65$...
    > Checked it out. Too complicated. What I need is a snooper that
    > can simply spot hidden mp3s ... or a program that can disallow
    > *.mp3 from being written to disk. Your program is a server based
    > security system that would require a trained sysad full time. I'm
    > basically just a glorified lab monitor with limited time and budget.
    > I can set up port blocking to a degree ... ( which I had assumed
    > our ITS had done, but apparently their setup failed ) ... and I
    > can reimage "suspect" systems. But these file hiders are clever
    > enough to cover their tracks so that I can't spot them soon enough.
    > Whatever I do, it needs to be "hands off" for the most part.
    > GPEDIT.MSC does a great job against *.exe. I need something
    > like that to block the loading of *.mp3


    Try a demo of (e.g.) CA-Unicenter Asset Management ["Option" - they seem to
    have dropped this suffix since I last looked at it].

    Then - if you're on a budget similar to what I'm estimating - spend 10
    minutes writing a scheduled batch file (and then half an hour each morning
    saying "eh!?!" for the first couple of weeks)

    If it's a /teaching/ lab, consider Ghost.. and test the firewall between
    them and the rest of the world ;o)

    --

    Hairy One Kenobi

    Disclaimer: the opinions expressed in this opinion do not necessarily
    reflect the opinions of the highly-opinionated person expressing the opinion
    in the first place. So there!
    Hairy One Kenobi, Jan 5, 2004
    #14
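
A sketch of the kind of scheduled "snooper" discussed in this thread, added here as an example and not posted by any participant: it flags files whose first bytes look like MP3 audio whatever they are named, and lists paths it could not read so they can be reviewed by hand. The function names and the sample files are constructed for illustration, and checking only the first four bytes is a heuristic.

```python
import os
import tempfile

def looks_like_mp3(head: bytes) -> bool:
    """Heuristic: ID3v2 tag or a valid MPEG audio Layer III frame header at offset 0."""
    if head[:3] == b"ID3":
        return True
    if len(head) < 3:
        return False
    b0, b1, b2 = head[0], head[1], head[2]
    return (b0 == 0xFF and (b1 & 0xE0) == 0xE0   # 11-bit frame sync
            and (b1 >> 3) & 0x03 != 0x01         # version bits 01 are reserved
            and (b1 >> 1) & 0x03 == 0x01         # layer bits 01 = Layer III
            and (b2 >> 4) not in (0x0, 0xF)      # free/invalid bitrate index
            and (b2 >> 2) & 0x03 != 0x03)        # reserved sample-rate index

def scan_tree(root):
    """Return (hits, unreadable). hits holds (path, disguised) for MP3-looking
    files; disguised is True when the name does not end in .mp3."""
    hits, unreadable = [], []
    on_error = lambda err: unreadable.append(err.filename)  # directories we cannot list
    for dirpath, _dirs, files in os.walk(root, onerror=on_error):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(4)
            except OSError:
                unreadable.append(path)  # locked or ACL-protected file
                continue
            if looks_like_mp3(head):
                hits.append((path, not name.lower().endswith(".mp3")))
    return sorted(hits), sorted(unreadable)

def demo():
    """Scan a constructed sample tree; every file below is made up for the example."""
    samples = {
        "song.mp3": b"ID3\x03\x00" + bytes(16),
        "sys/drv32.dll": b"\xff\xfb\x90\x00" + bytes(16),  # MP3 frame, misleading name
        "sys/real.dll": b"MZ\x90\x00" + bytes(16),
        "notes.txt": b"lab notes",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, data in samples.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
        hits, _unreadable = scan_tree(root)
        return [(os.path.relpath(p, root).replace(os.sep, "/"), d) for p, d in hits]

if __name__ == "__main__":
    print(demo())
```

Run from a scheduled task with an account that can read the directories of interest; anything in the unreadable list is a path the scan could not vouch for.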
  15. In article <btc8n0$na1$>,
    says...
    >
    > > I prefer the verbal abuse and bludgeoning method... <G>

    >
    > No kidding! I would hire some bald headed guys
    > with tattoos to just sit behind every single user and
    > breathe hard.
    >
    > johns
    >
    >
    >



    hey! I resemble that remark!



    Colonel Flagg, Jan 6, 2004
    #15