Penetration Testing mailing list archives
Re: Boot floppy
From: Anders Thulin <anders.thulin () sentor se>
Date: Wed, 11 Apr 2007 08:52:58 +0200
Mifa wrote:
We have a user who takes a company computer home with them (no its not a lap top). We have a good reason to need to look at their files. However, we want to do so without that employ knowing. They seem to know something about security becasue auto runs is disabled and the workstation is always locked with a third party software. INserting a U3 drive will not run a program either. Are there any programs that will boot from a floppy then copy a program to the c drive then wite an auto start entry into the registry? This was the only way I can think of to get the user to install a program.. Any other ideas how we maight gain access? It has to be fast (bathroom breaks ect). I dont have time to load a live cd. Further, robooting would cause the user to loose work.
I don't like the sound of this. You want to install software on a company computer, but are afraid to tip the user off that you are doing so? And you don't want to reboot the system in the process, and you only have short periods of time, such as bath-room breaks to your disposal? And who exactly are 'we'? Get in touch with a good security consultant -- someone who can get the whole picture, including the parts you're not discussing here. If there is a legitimate threat, it need to be considered in toto. On the assumption that this is above the board: if you don't have time to do the job, make it. Get the IT department to do a hardware upgrade, say, larger disks, for everyone in his work group. Or get the user into a full-day meeting on very short notice. Or ask if he wouldn't actually *prefer* a laptop, seeing how he's moving this computer to and from work every day (something I find *rather* difficult to believe). Or use some similar excuse to get sufficient hands-on time for a disk bitcopy to examine at your leisure. Apart from that, there is (or should be) an employer-employee relationship in place here: use it. If you are afraid of tipping the user off, make sure you have identified the correct threat: it may not be files on a disk, but the fact that you need to be tiptoeing around an employee at all. In that case, it's not a problem to be solved by bootdisks. -- Anders Thulin anders.thulin () sentor se 070-757 36 10 ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Re: Boot floppy, (continued)
- Re: Boot floppy Clint P. Garrison MBA, CISSP, QSA (Apr 10)
- Re: Boot floppy Shreyas Zare (Apr 10)
- Re: Boot floppy jasper . o . waale (Apr 11)
- 答复: [SPAM] - Re: Boot floppy - Sending mail server found on relays.ordb.org Cony.Zhou (Apr 11)
- Re: Boot floppy Chris Zevlas (Apr 11)
- Re: Boot floppy Curt Purdy (Apr 13)
- Re: Boot floppy jasper . o . waale (Apr 11)
- Re: Boot floppy berg (Apr 10)
- Re: Boot floppy Zed Qyves (Apr 11)
- RE: Boot floppy Scott Ramsdell (Apr 11)
- Re: Boot floppy Tim (Apr 11)
- Re: Boot floppy Anders Thulin (Apr 11)
- RE: Boot floppy Marvin Simkin (Apr 11)
- RE: Boot floppy Pretorius, Wynand (ZA - Johannesburg) (Apr 11)
- Re: Boot floppy Sat Jagat Singh (Apr 11)
- Re: Boot floppy Danyelle Gragsone (Apr 11)
- Re: Boot floppy Jamie Riden (Apr 11)
- Re: Boot floppy Juergen Fiedler (Apr 11)
- RE: Boot floppy Wiedemann, Adrian (Apr 11)
- RE: Boot floppy Mifa (Apr 13)
- Re: Boot floppy Michael Munt (Apr 13)
- RE: Boot floppy Sat Jagat Singh (Apr 13)
(Thread continues...)