Re: ZoneAlarm -- Alert for "Run a DLL"
From: Joseph V. Morris (jvmorris@erols.com)Date: 09/09/02
- Next message: Dazz: "Re: Got Active Ports, now what?"
- Previous message: Joseph V. Morris: "Re: Norton Firewall sometimes rejects radio stations"
- In reply to: Luis: "Re: ZoneAlarm -- Alert for "Run a DLL""
- Next in thread: Joseph V. Morris: "Re: ZoneAlarm -- Alert for "Run a DLL""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Joseph V. Morris" <jvmorris@erols.com> Date: Mon, 9 Sep 2002 08:13:55 -0400
"Luis" <not@vaila.ble> wrote in message
news:Bere9.393395$UU1.61549@sccrnsc03...
I have the idea that SENSAPI.DLL is being used by more than just IE but
I can 't verify that yet.
I have found literature that explains how to use it with your programs:
Example
Luis, MSIE is essentially a stub program that simply calls DLLs to do all
the hard work. Many of these DLLs are expressly designed to be used
separately. Indeed, the free version of Copernic (at least at one time)
was little more than a specialized shell program sitting on top of various
MSIE DLLs.
Any number of Microsoft Resource Kits once explained in considerable
detail how this could be done.
And, incidentally, this is one of the reasons it was always a bit pathetic
to run an MD5 (or SHA1) hash _exclusively_ on iexplore.exe and think one
was really authenticating anything. Better (and more effective by far)
for a cracker to futz with one of the underlying DLLs.
I did a quick lookup on the functions exposed by SENSAPI.DLL; the ones I
found mostly involved establishimng the status of an existing connection.
If you're really concerned about this, it might be a better idea to start
publishing (and comparing) properties of RUNDLL32.exe and SENSAPI.dll on
your machine with what others find on theirs.
--
Regards,
Joseph V. Morris
jvmorris@erols.com
ICQ #29438199
This is a NEWSGROUP message; except for privacy reasons, please respond
therein; an e-mail COPY is always appreciated, of course.
Almost all electrons used in the creation of this message were recycled.
No electrons used in the production of this message were harmed or
mistreated in any manner.
- Next message: Dazz: "Re: Got Active Ports, now what?"
- Previous message: Joseph V. Morris: "Re: Norton Firewall sometimes rejects radio stations"
- In reply to: Luis: "Re: ZoneAlarm -- Alert for "Run a DLL""
- Next in thread: Joseph V. Morris: "Re: ZoneAlarm -- Alert for "Run a DLL""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
