Penetration Testing mailing list archives
RE: Hidden Copying Software
From: "Steve Armstrong" <stevearmstrong () logicallysecure com>
Date: Mon, 24 Jul 2006 23:35:02 +0100
Rocky It depends on the network. If the LAN is configured with no security (an University ones often are), he may have had his USB drive mounted shared across the LAN almost automatically. Alternatively, if it was a targeted attack, a student may have obtained admin rights on the LAN and then waited for the Prof to connect the USB drive. Once connected the admin-student could copy the contents anywhere. I used to have a script I ran once I connected a USB drive to my machine, it 'backed-up' the contents of the drive to a 'temp' folder on my system. I used it to sync files and other things. They are not hard to write and on USB v2 very fast - even on big drives. Steve A -----Original Message----- From: Rocky [mailto:pixscreenpoint () gmail com] Sent: 24 July 2006 14:20 To: pen-test () securityfocus com Subject: Hidden Copying Software Hi list, A friend of mine who is a medical professor asked me if it is possible to copy his usb thumb drive from their class room pc without knowing it? he told me maybe there's a hidden software that copying it in the background? His exam from his usb thumbdrive was exposed all over to his student.I told him that you need a very high tech software or expensive to do it? Is any such software capable of this? this some kind of impossible task in my views. Thanks. ------------------------------------------------------------------------ ------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------ ------ ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
Current thread:
- Hidden Copying Software Rocky (Jul 24)
- RE: Hidden Copying Software Steve Armstrong (Jul 24)
- RE: Hidden Copying Software Andy Meyers (Jul 24)
- Re: Hidden Copying Software Thor (Hammer of God) (Jul 25)
- Re: Hidden Copying Software Maxim Kostyukov (Jul 25)
- Re: Hidden Copying Software jim (Jul 25)
- Re: Hidden Copying Software Nicolas RUFF (Jul 25)
- Re: Hidden Copying Software killy (Jul 25)
- <Possible follow-ups>
- RE: Hidden Copying Software Shenk, Jerry A (Jul 24)
- RE: Hidden Copying Software R. DuFresne (Jul 24)
- RE: Hidden Copying Software Neil Moore (Jul 25)
- RE: Hidden Copying Software R. DuFresne (Jul 24)
- RE: Hidden Copying Software Kish Pent (Jul 24)
(Thread continues...)