Security Basics mailing list archives
Re: Application backdoor suspect
From: "Catfish" <catfish () catfish homeip net>
Date: Mon, 16 Dec 2002 00:20:11 -0500
You didn't say what os you are using, I'll assume windows... Check out sysinternals for filemon and regmon. They let you see what the program does with the registry and files in realtime. Also check network sniffing programs to see what it sends out over the network.
My question is there a way to see what files the application is calling on during the synch process. I want to see what other info it is sending. Its troubling to know that the app is sending info that is not relevant to its starting up.
Current thread:
- Application backdoor suspect skp (Dec 13)
- Re: Application backdoor suspect Catfish (Dec 16)
- Re: Application backdoor suspect Gene (Dec 17)
- <Possible follow-ups>
- RE: Application backdoor suspect Tony Fondo (Dec 17)
- Re: Application backdoor suspect nick84 (Dec 17)
- Re: Application backdoor suspect H C (Dec 18)