Re: Virtual Private Network Is One Of The Hackers Secrets
From: Alexander Delarge (alex_at_nowhere.com)
Date: 09/25/03
- Next message: Thore Schmechtig: "Re: [SWEN tiny FAQ] How to filter out Swen emails with M$ Outlook Express"
- Previous message: removevalid: "Virtual Private Network Is One Of The Hackers Secrets"
- In reply to: removevalid: "Virtual Private Network Is One Of The Hackers Secrets"
- Next in thread: Thund3rstruck: "Re: Virtual Private Network Is One Of The Hackers Secrets"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 25 Sep 2003 05:21:16 GMT
"tracker" wrote...
> Below is the VPN adapter file the hackers were using on a compromised
> computer system. These files were found in the Black Ice Defender
> directory which was hidden from my view. Of course, once you can view
> all the Files and Folders, you will find your eyes getting bigger and
> bigger. As you can see below, the hackers were utilizing this adapter
> on different platforms and software applications.
>
> #This document contains special adapter information that we
> #use to adjust how the product interacts with the driver.
> #It's main purpose is to handle those adapters that we find
> #in the system who lie about being network adapters.
> #
> #format:
> #action: name[=<>] value
>
> # 01 Sep 2000--Added to handle Intel/Shiva VPN client
> IGNORE: DriverDesc > Shiva Virtual NIC
> IGNORE: Description > Shiva Virtual NIC
>
Normally I avoid anything you write, Tracker, because of your legendary
ignorance. But, now you claim to be a Blackice expert.
That's one area where you CLEARLY don't belong. I've used Blackice it at my
office for about 4 years. We use the corporate edition (about 250 agents),
but the guts are almost the same as the retail version. And I got my
training from the guy who helped design Blackice ...so I guess you could
say, I know my *** about Blackice.
The adapter.txt file is used in Blackice to control which adapters use
Blackice's stand-in "ICEAdapter" this is intended for maximum compatibility
with VPN shims. IGNORE rules are used to instruct Blackice to ignore
adapters that aren't really adapters. Some VPNs and sniffers create virtual
adapters. Blackice has is own native drivers that capture frames directly
from the Microsoft TCP/IP stack. It also interpolates with various VPNs to
analyze decrypted traffic. .
Go read the Blackice Advanced Administrator's Guide, available from ISS. Get
an education first. you obviously don't know *** about Blackice.
Alex
- Next message: Thore Schmechtig: "Re: [SWEN tiny FAQ] How to filter out Swen emails with M$ Outlook Express"
- Previous message: removevalid: "Virtual Private Network Is One Of The Hackers Secrets"
- In reply to: removevalid: "Virtual Private Network Is One Of The Hackers Secrets"
- Next in thread: Thund3rstruck: "Re: Virtual Private Network Is One Of The Hackers Secrets"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
