Re: How to hide a file ?
From: J. J. Horner (jhorner@2jnetworks.com)Date: 01/08/02
- Previous message: centipede: "Re: How to hide a file ?"
- In reply to: H C: "Re: How to hide a file ?"
- Next in thread: H C: "Re: How to hide a file ?"
- Next in thread: Farahbakhshian, Mike (OD): "RE: How to hide a file ?"
- Reply: H C: "Re: How to hide a file ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 8 Jan 2002 13:10:49 -0500 From: "J. J. Horner" <jhorner@2jnetworks.com> To: H C <keydet89@yahoo.com>
* H C (keydet89@yahoo.com) [020108 13:08]:
> Udi,
>
> There are many ways to go about this, beleive it or
> not. The question really becomes...who am I hiding
> this file from?
>
> I won't go into a lot of detail now...I don't want to
> steal my own thunder, ie, my BlackHat presentation in
> Feb...but Jose pointed out NTFS alternate data
> streams. You can hide data or even executables in ADS
> and run them directly from the ADS itself.
>
> But again, the question is...who are you hiding the
> data from? Hiding from a user or a (perhaps less than
> knowledgeable) admin is pretty easy, w/o using the
> hidden DOS attribute. How about hiding it from a
> forensics analyst? Alternate data streams won't work
> for this, and will only highlight your intentions.
> But there are ways to go about this...so stay tuned.
>
For those of us on tight gubment subcontractor training
budgets making us unable to attend a conference of any kind,
can you give us a preview or tell us where it will be
online after BlackHat?
Thanks,
JJ
-- J. J. Horner "H*","6a686f726e657240326a6e6574776f726b732e636f6d" *************************************************** "H*","6a6a686f726e65724062656c6c736f7574682e6e6574"Freedom is an all-or-nothing proposition: either we are completely free, or we are subjects of a tyrannical system. If we lose one freedom in a thousand, we become completely subjugated.
- application/pgp-signature attachment: stored
- Previous message: centipede: "Re: How to hide a file ?"
- In reply to: H C: "Re: How to hide a file ?"
- Next in thread: H C: "Re: How to hide a file ?"
- Next in thread: Farahbakhshian, Mike (OD): "RE: How to hide a file ?"
- Reply: H C: "Re: How to hide a file ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
