Vulnerability Development mailing list archives
Re: How to hide a file ?
From: Blue Boar <BlueBoar () thievco com>
Date: Tue, 08 Jan 2002 16:46:26 -0800
Apologies, I'm not sure whom I am quoting...
Not to belabour the point, but I don't see a lot of NT/2K admins doing examinations of last modification times (or even last access times) during incident response. How does someone not necessarily familiar with or comfortable with working at the command prompt go about determining what is 'suspicious'? Or even via Explorer? After all, ADSs can be bound to only to files, but directory listings as well.
I do it all the time: Start->Find-Files or Folders->Date->during the previous 1 days(s)->Find Now BB
Current thread:
- RE: How to hide a file ?, (continued)
- RE: How to hide a file ? Ed Moyle (Jan 08)
- RE: How to hide a file ? Altheide, Cory (Jan 08)
- RE: How to hide a file ? Bryan Allerdice (Jan 08)
- RE: How to hide a file ? H C (Jan 08)
- RE: How to hide a file ? Farahbakhshian, Mike (OD) (Jan 08)
- RE: How to hide a file ? Altheide, Cory (Jan 08)
- RE: How to hide a file ? H C (Jan 08)
- RE: How to hide a file ? Oleg Kozitski (Jan 08)
- Re: How to hide a file ? Ryan Permeh (Jan 08)
- Re: How to hide a file ? Ron DuFresne (Jan 08)
- Re: How to hide a file ? Blue Boar (Jan 09)
- RE: How to hide a file ? H C (Jan 08)
- RE: How to hide a file ? Mike Theriault (Jan 08)
- RE: How to hide a file ? Matthew LaGrange (Jan 08)
- RE: How to hide a file ? John Stauffacher (Jan 08)
- RE: How to hide a file ? H C (Jan 09)
- Re: How to hide a file ? J. J. Horner (Jan 09)
- Re: How to hide a file ? H C (Jan 09)
- Re: How to hide a file ? J. J. Horner (Jan 09)
- Re: How to hide a file ? H C (Jan 09)
- Re: How to hide a file ? J. J. Horner (Jan 09)
- Re: How to hide a file ? H C (Jan 09)
- RE: How to hide a file ? John Stauffacher (Jan 08)