Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Hidden Copying Software

From: "R. DuFresne" <dufresne () sysinfo com>
Date: Mon, 24 Jul 2006 19:10:36 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 24 Jul 2006, Shenk, Jerry A wrote:


There are lots of other options too....maybe the exam was stored in a
temp file.  I guess you could say that software to copy a usb drive in
the background might be high tech but not that high tech...a vbscript
running on the machine could easily do it.  It (the software to do that)
certainly would NOT be expensive...free would be closer.
And the med stuent could easily ask someone in compsci to write it for him, perhaps for beer. Dou gain for the compsic there, he gets beer, and likely uses the program for class! Course, of the med student knows no compsci majors, he asks his little brother or a cousin to do it for him <smile>. Point being the med student is likely not the computer savvy one writing the nefarious tool, and might not even be the one that ends up placing it into use, directly... 

Thanks,

Ron DuFresne




-----Original Message-----
From: Rocky [mailto:pixscreenpoint () gmail com]
Sent: Monday, July 24, 2006 9:20 AM
To: pen-test () securityfocus com
Subject: Hidden Copying Software

Hi list,

A friend of mine who is a medical professor asked me if
it is possible to copy his usb thumb drive from their
class room pc without knowing it? he told me maybe
there's a hidden software that copying it in the background?

His exam from his usb thumbdrive was exposed all over
to his student.I told him that you need a very high tech
software or expensive to do it? Is any such software capable
of this? this some kind of impossible task in my views.

Thanks.

------------------------------------------------------------------------
------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's
Choice Award from eWeek. As attacks through web applications continue to
rise,
you need to proactively protect your applications from hackers. Cenzic
has the
most comprehensive solutions to meet your application security
penetration
testing and vulnerability management needs. You have an option to go
with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service
can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm
your
results from other product. Contact us at request () cenzic com for
details.
------------------------------------------------------------------------
------




**DISCLAIMER
This e-mail message and any files transmitted with it are intended for the use of the individual or entity to which they 
are addressed and may contain information that is privileged, proprietary and confidential. If you are not the intended 
recipient, you may not use, copy or disclose to anyone the message or any information contained in the message. If you have 
received this communication in error, please notify the sender and delete this e-mail message. The contents do not 
represent the opinion of D&E except to the extent that it relates to their official business.


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------
- -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFExVNvst+vzJSwZikRAtNUAJ9chHkD3r25/YqCdB/hSOTStxg8JQCguBJY
Mi2rPRoX9t8mbsKEimZntjY=
=4RO8
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. 
------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: