BlitzenZeusBurnt Out Cynic Premium Member join:2000-01-13 |
to Traduk
Re: Kerio potential vulnerability ... app masqueradeIts so easy to un-attribute files its amazing so just making it read-only is pointless....
I can write a simple batch file to remove the attributes right now, and it won't even take me a minute. The script could also rename, and run the program of my choice too! |
|
|
Traduk
Member
2002-Mar-11 7:45 pm
BlitzenZeus,
It was just a thought. Obviously far too simplistic on my part. It would be just one more, possibly unexpected hoop for a potentially malicious hacker to have to jump through.
It looks as though Stanislav will have to nail this particular problem down once and for all, as spoofing and getting through firewalls from the inside /out appears to have grabbed more attention than the original functional requirement of keeping the bad guys out.
I have seen the scripts you possibly mean which have been attribute changes for backing up registry files and they are simple Dos strings?.
Traduk |
|
BlitzenZeusBurnt Out Cynic Premium Member join:2000-01-13 |
My point is, simple things like marking files read-only will not stop someone from doing actions like this unless your using NTFS with strict permissions on a restricted account.
One point needs to be made though.... Most people have found that Tiny/Kerio will not run correctly unless the account has admin access to your system. That would allow any program running full access to your system anyway.
The thing is I can write these script, and don't have to find them on the web. Most of my scripts are dos based, but i'm not limited to using dos batch files either.... |
|