Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.

zli osnovci u napadu na win98

[es] :: Security :: zli osnovci u napadu na win98

Strane: 1 2

[ Pregleda: 10953 | Odgovora: 27 ] > FB > Twit

Postavi temu Odgovori

Autor

Pretraga teme: Traži
Markiranje Štampanje RSS

maxmagnus2
none
VA

Član broj: 3893
Poruke: 194
*.vdial.verat.net.



Profil

icon zli osnovci u napadu na win9809.11.2004. u 15:20 - pre 235 meseci
Cao,
Problem je sledeci:
U kabinetu za informatiku neko od klinaca brise sistemske fajlove
win98-ce.
Kako ih spreciti, ili makar saznati ko od njih to radi?
Win98 mora da ostane iz kojekakvih razloga...
MM
The sleeper has awaken
 
Odgovor na temu

Mihailo
Mihailo Đorić

Član broj: 1016
Poruke: 2875
*.air.tehnicom.net.



+1 Profil

icon Re: zli osnovci u napadu na win9809.11.2004. u 17:00 - pre 235 meseci
Win98 != sigurnost, a pritom je single-user sistem. Tako da - nikako. Evenutalno im se može malo otežati posao nekim dodatnim softverom (?), reda minut-dva.
 
Odgovor na temu

BytEfLUSh
Neven Pintarić
Nano-mage Engineer, Slave SysAdmin
Sombor

Član broj: 21153
Poruke: 5499
*.nat-pool.so.sbb.co.yu.



+14 Profil

icon Re: zli osnovci u napadu na win9809.11.2004. u 20:58 - pre 235 meseci
Pa može se staviti Hookdump ili neki ekvivalentni program, pa kad se otkrije ko je - kod direktora na razgovor!


Hehe, to mi vraća uspomene na srednju školu i zamenu win.com fajla nekim drugim, na svim računarima.........

Putuj planeto, super smo se družili
nama je lepo, taman kako smo zaslužili!
 
Odgovor na temu

maxmagnus2
none
VA

Član broj: 3893
Poruke: 194
*.vdial.verat.net.



Profil

icon Re: zli osnovci u napadu na win9810.11.2004. u 12:26 - pre 235 meseci
Hmm,
znam, grozno je raditi za drugi tim...
MM
The sleeper has awaken
 
Odgovor na temu

Marcony
Network security inzenjer
Beograd

Član broj: 10486
Poruke: 1853
*.bg.wifi.vline.verat.net.



+18 Profil

icon Re: zli osnovci u napadu na win9810.11.2004. u 19:06 - pre 235 meseci
Ja sam za te svrhe koristio Winboost, koji je moga da sakrije hdd-ove i jos dosta toga.

Novija verzija se moze naci na http://www.magellass.com/

YU2MP
 
Odgovor na temu

Slobodan Milivojevic
One IT
Pirot / ni.ac.rs

Član broj: 7062
Poruke: 6383
195.252.107.*

Jabber: poglavica@elitesecurity.org
Sajt: www.slobodanmilivojevic.i..


+363 Profil

icon Re: zli osnovci u napadu na win9811.11.2004. u 15:30 - pre 235 meseci
Pa da, postoji mogucnost da se iz explorer-a (my computer) sakriju particije, ali nista posebno, dovoljno je da neko u polje adress: upise C:\ i gotov pos'o :)

Tako da ono... Ako moze da se zameni sa nekim widows-om NT/2k/XP... Ako ne, ne znam...
Čemu ovo služi, a uz to i ne radi?!?!?!?!
www.oneit.rs :: www.koktelbar.rs ::
www.fissoft.net

Fiber on steroids:
http://www.speedtest.net/my-
result/3821970146
 
Odgovor na temu

rile23028
Bojan Ristic
Zajecar

Član broj: 33534
Poruke: 25
*.ru
Via: [es] mailing liste



Profil

icon Re: zli osnovci u napadu na win9811.11.2004. u 17:49 - pre 235 meseci
Imao sam prilike da dodjem u kontakt sa racunarom koji je kupljen u
inostranstvu, a radio je u nekoj skoli.
U sebi je imao PCI karticu koja je na sebi imala naziv HDD SHERIF ili tako
nesto, i njena uloga je bila da stiti hdd odnosno instalirani softver od bilo
kakve promene. U praksi, moze da se radi format hdd-a, instalacija novog i
brisanje starog softvera, a da se po restartu racunara sve vraca na staro.
Koliko znam takvih kartica kod nasih prodavaca racunara i komponenti nema, ali
ko zna mozda i postoji nacin da se do njih dodje. Za ovaj problem su prava
stvar. Inace kartica se samo ubaci u PCI slot i nema nikakvih drugih
konektora i portova.
--
Budi svoj, sledi svoje instinkte, -Microsoft free- LINUX

Citat:
Eliminate unwanted changes to PCs with HDD Sheriff
By James McPherson
May 16, 2002, 7:00am PDT

Every IT department has computers they wished were inviolate. Maybe it belongs to the resident know-it-not, gets used by roaming sales staff temporarily in the office, or sits in the training room. Wherever it is, you know that a user will eventually change something that causes the PC to be out of commission while it gets reimaged or while you attempt to recover its data.

To help defend against unwanted computer changes, Jungsoft created the HDD Sheriff product line. The HDD Sheriff system I reviewed consists of a PCI card key, Windows software, and a boot manager. There are USB, parallel, ISA, and PCI versions of the HDD Sheriff, including a PCI NIC. I received the stand-alone PCI version and tested it on Windows 98, 2000, and in dual-boot mode. I'll share the results of my testing with you here.
Wait, there's more!
Check out a brief review of the USB version of HDD Sheriff by clicking here.
Know the computer's role before you install
Think very carefully about the role the computer will play before installing HDD Sheriff. A “secured,” single-user desktop will be far different from a shared workstation, a training computer, or kiosk. Each will need different access to create and modify files. A shared workstation is probably the most difficult system on which to set up HDD Sheriff, because of the multiple users (possibly multiple operating systems) and various degrees of file sharing involved. Also, with more complicated setups, don't expect that setting up the partitions for HDD Sheriff will go perfectly the first time.

Installation
The HDD Sheriff manual provides a step-by-step walk-through of the painless but interesting installation process. One word of caution before you begin the installation: HDD Sheriff is going to repartition the hard drive.

After placing the PCI card in my (unpowered) system, I booted up and fed Windows the floppy when it asked for it. No CD is included, which may be a problem if anyone is working on a legacy-free system like my new floppy-less workstation. Not really an issue today, but floppies are slowly going the way of the dodo.

The software setup is accomplished via a series of relatively simple, easy-to-maneuver menus. Simply decide if this is a single OS, multi-OS, or custom install. Next, create unprotected partitions, select the directories to be relocated to the unprotected partitions (e.g., Outlook mail directory, My Documents, browser files, etc.), select a password, and reboot with the floppy in the drive.

The first boot takes a very long time, as HDD Sheriff uses its own defragmentation process to free up disk space and create the partitions needed. The program apparently does not have a fragmentation detection process, as my test computer was freshly formatted and it still took an inordinate amount of time. Then, there's another reboot (without the floppy), after which HDD Sheriff creates the backup files it needs to operate. The creation of the backup files only takes about a minute, and then the system proceeds to boot into Windows with HDD Sheriff in Supervisor mode so the Registry keys can be finalized.

The test
Testing was fairly simple: I tried to delete a few files to see if they remained deleted after a reboot. My initial guess was that HDD Sheriff keeps copies of the FAT tables and several other choice bits of data in a private partition, from which it pulls the correct configuration when the files need to be restored. If my hunch was correct, it meant that deleting files (the most common task) was pointless. But I tried it anyway, and I found that all of the files were restored upon reboot. I tried modifying files, but the changes were eliminated. Then I went into devious mode. Calling upon Murphy’s Law, I imagined the worst possible way a user could make data disappear. So I deleted a file called Victim.txt and copied several large JPEGs to the protected partition. The coup de grace was to run a disk defragmentation afterwards.

The defragmenting process moved those large JPEG files into the space formerly occupied by Victim.txt. If HDD Sheriff didn’t make a complete copy of the Victim.txt, I knew the file would be a goner. It would take an actual data recovery lab to get the data back once the drive has recorded over it, and even then there’s no guarantee, since the bits have been overwritten.

I rebooted with what was probably my best Black Bart smirk but found that Victim.txt was safe and uninjured, while my JPEG files were not to be seen. Obviously, HDD Sheriff is doing something more complex than just keeping copies of the FAT tables; it's likely functioning more along the line of a “virtual” disk driver that intercepts file operations so it can shuffle things around as needed. This seems more probable, since the small partition it established during installation is invisible to Windows 2000 Disk Manager. (Windows 2000 will normally see a partition, even though it may not be able to identify it.)
Pricing
The HDD Sheriff ranges from $69.95 for the PCI version I tested to $79.95 for the 10/100 NIC versions. Jungsoft also offers a USB variant for $49.95. Of course, these are list prices; I was able to find the PCI version for $53, the NIC version for $55, and the USB for $35 in about 10 minutes using a search engine.
Verdict
Jungsoft has a nice product on its hands. The installation process’ relaxed attitude towards rearranging partitions is really my only complaint, and I wouldn’t recommend installing it on a “live” workstation that hasn’t been backed up. While it isn’t appropriate for all computers (most users would become irate if they couldn’t install software), you should seriously consider it for training rooms and shared workstations. In some cases, disk imaging could be the superior solution, but if you have a mixed hardware environment, imaging may not be feasible. In those situations, the HDD Sheriff handily saves the day.


http://www.techrepublic.com/ar...o-pcs-with-hdd-sheriff/1056749

[Ovu poruku je menjao Goran Mijailovic dana 21.06.2012. u 23:26 GMT+1]
Budi svoj, sledi svoje instinkte, -Microsoft free- LINUX
 
Odgovor na temu

Milos Stojanovic
Belgrade

Član broj: 10343
Poruke: 1864
*.nat-pool.bgd.sbb.co.yu.

ICQ: 282954730
Sajt: www.sietf.org


+7 Profil

icon Re: zli osnovci u napadu na win9811.11.2004. u 18:45 - pre 235 meseci
Ima programa kao sto su Cafe Suite, koji se koriste za igraonice, verujem da rade i pod Win98 (jer su prve igraone bile pod njim, jelte), a dosta dobro rade posao, mada je uvek moguće pronaći neki bug i dobiti full access.
A ovo za taj HDD SHERIF, čisto sumnjam da je tako prosto. Verovatno je potreban još jedan HDD koji služi kao backup, ili ta kartica preko LANa vuče originalne podatke i vraća ih na HDD.
ex. trooper
Oh goody... it's my Illudium PU-36 Explosive Space Modulator!
Softversko Inženjerstvo
♪♫♪
 
Odgovor na temu

rile23028
Bojan Ristic
Zajecar

Član broj: 33534
Poruke: 25
*.ru
Via: [es] mailing liste



Profil

icon Re: zli osnovci u napadu na win9812.11.2004. u 17:38 - pre 235 meseci
Racunar je imao samo jedan HDD, a kao sto sam rekao kartica nema nikakve=20
portove ni konektore osim sto se stavlja u PCI. Inace konfiguracija je=20
najobicnija nista posebno.
Dok je kartica bila ubacena u PCI pre dizanja WIN-a se javlja natpis HDD=20
Sherif, a dalji rad je najnormalniji, naravno za onog ko nema nameru da=20
obrise windows 98 na nemackom i proba da instalira nesto drugo.
Kad se spolja pogleda uopste ne moze da se vidi da je nesto ubaceno u PCI d=
a=20
je nazovem "slepa kartica" sve dok se ne otvori kuciste. Posle vise neuspel=
ih=20
pokusaja formtiranja diska i bilo kakve intervencije na softveru resio sam =
da=20
proverim sta je to hdd sherif i cemu ustvari sluzi takva kartica.
Namena je ono sto sam vec rekao zastita softvera od bilo kakvih izmena, a=20
pretpostavljam da radi tako sto od pravog sadrzaja hdd pravi nekakav image=
=20
koji korisnik vidi i menja, ali sve to nestaje kad se komp restartuje. Dubl=
je=20
u karakteristike od ovoga nisam ulazio.
Posle mnogo muka i pomisli na zonu sumraka izvadio sam karticu kad je sve=20
proradilo kako ja hocu.
Kao serviser racunara nikad nisam ni cuo da postoji tako nesto, a ova=20
situacija i susret sa takvom karticom mi se desio samo tada. =20

=2D-=20
Budi svoj, sledi svoje instinkte, -Microsoft free- LINUX
Budi svoj, sledi svoje instinkte, -Microsoft free- LINUX
 
Odgovor na temu

maxmagnus2
none
VA

Član broj: 3893
Poruke: 194
213.244.197.*



Profil

icon Re: zli osnovci u napadu na win9814.11.2004. u 00:20 - pre 235 meseci
Pa, asd ono skole nemaju bas fondove
za tako nesto(kartice i softver) , mada sam mislio da su takve kartice i sl. tek u razvoju.
U obzir dolazi samo shearewere + crack :)
MM
The sleeper has awaken
 
Odgovor na temu

Shadowed
Vojvodina

Član broj: 649
Poruke: 12846



+4783 Profil

icon Re: zli osnovci u napadu na win9814.11.2004. u 14:22 - pre 235 meseci
U samom Win98 nema mnogo pomoci. Zavisno od onoga sto se radi na tim racunarima verovatno bi mogao da se intalira bar NT4.0 ako hardware ne dozvoljava Win2000. To je moja preporuka. Sve ostalo je... gubljenje vremena. Poenta je u tome sto je klincima zanimljivo da traze nacin da zaobidju zastitu tako da ce svi ovi programi popustiti vrlo brzo a mrzece te da ih stalno menjas.
 
Odgovor na temu

pctel
Beograd

Član broj: 13030
Poruke: 10893



+1349 Profil

icon Re: zli osnovci u napadu na win9814.11.2004. u 19:53 - pre 235 meseci
Predlazem postavljanje male web-kamere na zid iza njihovih ledja uz krupnim slovima odstampanu poruku sta je zabranjeno i koje sankcije slede. Oprema nije skupa pa ce se sigurno nekako uklopiti u skolski budzet, a ocekujem da mlade hakere istog trenutka izda hrabrost. Za one hrabrije isplanirati efektnu kaznu, ukor direktora, pozivanje roditelja, pretnju izbacivanjem iz skole... sitnice koje uz podrsku direktora u dizanju velike prasine mogu takve pojave eliminisati barem do kraja skolske godine.
Samo ti sinko (administratore) radi svoj posao.
 
Odgovor na temu

VRKY

Član broj: 21087
Poruke: 4690
*.net.htnet.hr.



+8 Profil

icon Re: zli osnovci u napadu na win9814.11.2004. u 20:27 - pre 235 meseci
da odmah rečem, nisam čitao sve postove pa ako nešto ponavljam recite....
Ja msilim da bi mogao 'donekle' spriječiti čeprkanje po PC s tim da instaliraš Deep Frez (kako li se već zove) program ti zamrzne HDD, znači npr. neko instalira neku igricu, komp
se restarta i ta igrica više ne postoji, znači uvijek vraća one postavke koje su spremljene pri instalaciji programa (deep Freza)....
 
Odgovor na temu

boki
Boris Prpic
CTO
CodeZen, Cityexpert
Beograd

SuperModerator
Član broj: 2681
Poruke: 2442
*.vdial.verat.net.

Jabber: boki@elitesecurity.org
ICQ: 195245022
Sajt: www.goglasi.com


+34 Profil

icon Re: zli osnovci u napadu na win9819.11.2004. u 18:40 - pre 235 meseci
Ja bih instalirao neki mocan program za logovanje i tako uvatio prestupnika, a onda.. zna se sta sledi

He, secam se ja sam u osnovnoj stalno menjao boot.ini i ostavljao tu neke prozivke itd koje niko nije znao da skine

Sada u gimnaziji imamo WinXP i vodimo se kao limited user-i ali sve sto je potrebno da bi postao gazda je 2x ctrl+alt+del i u username ukucati "Administrator".. toliko o security-u...
 
Odgovor na temu

BytEfLUSh
Neven Pintarić
Nano-mage Engineer, Slave SysAdmin
Sombor

Član broj: 21153
Poruke: 5499
*.nat-pool.so.sbb.co.yu.



+14 Profil

icon Re: zli osnovci u napadu na win9819.11.2004. u 18:45 - pre 235 meseci
Uh dok sam ja išao u osnovnu nije još postojao boot.ini ...

A to sa administratorom... jbg, neki ljudi jednostavno ne znaju da instaliraju windows... ista je stvar bila i kod mene u srednjoj...

Putuj planeto, super smo se družili
nama je lepo, taman kako smo zaslužili!
 
Odgovor na temu

maxmagnus2
none
VA

Član broj: 3893
Poruke: 194
*.vdial.verat.net.



Profil

icon Re: zli osnovci u napadu na win9819.11.2004. u 21:21 - pre 235 meseci
Sta,
XP ne trazi sifru? (za takav log :)
MM
The sleeper has awaken
 
Odgovor na temu

boki
Boris Prpic
CTO
CodeZen, Cityexpert
Beograd

SuperModerator
Član broj: 2681
Poruke: 2442
*.vdial.verat.net.

Jabber: boki@elitesecurity.org
ICQ: 195245022
Sajt: www.goglasi.com


+34 Profil

icon Re: zli osnovci u napadu na win9819.11.2004. u 22:13 - pre 235 meseci
Pa imas programe koji loguju bukvalno sve sto se uradi na kompu. Ti posle nastave pogledas log, nadjes kad su brisani fileovi a valjda snas ko je tad sedeo za tim kompom.

Ovo za Admin je cesta greska ljudi da pri instalaciji ne stave password za administratora i onda nakon instalacije naprave nove naloge i na njih stave sifre a administratora ostave na izvolte...
 
Odgovor na temu

Sleepless_mind
Bojan Vranac
NetLogic D.O.O.
01000010 01000111 0100010

Član broj: 33611
Poruke: 564
*.sbb.co.yu
Via: [es] mailing liste

Jabber: wizard[at]elitesecurity.org
ICQ: 12413605
Sajt: www.netlogic.rs


+34 Profil

icon Re: zli osnovci u napadu na win9819.11.2004. u 23:04 - pre 235 meseci
>
program koji bi pomogao je perfect keylogger...a ono za admin samo LOL i
nista drugo
We are Borg. We shall assimilate you.
RESISTANCE IS FUTILE!

Asus P6T Deluxe V2
Intel Core i7 965 3.2GHz
OCZ 3x2GB DDR3 PC3-12800 Flex EX Low Voltage Triple Channel
2x1000GB Spinpoint F1
ATI Radeon HD5970
Lian Li PC-P80R
Samsung T240

www.me2everyone.com/213043
 
Odgovor na temu

Dr.sima

Član broj: 6237
Poruke: 478



+119 Profil

icon Re: zli osnovci u napadu na win9820.11.2004. u 02:39 - pre 235 meseci
Ako su svi racunari u mrezi nadji neki program koji moze da kontrolise racunar preko iste. Ja koristim VNC viewer 4 u kucne svrhe, server ima pogled na desktop + full control, a klijent NE MOZE da se iskljuci!!!
 
Odgovor na temu

maxmagnus2
none
VA

Član broj: 3893
Poruke: 194
*.vdial.verat.net.



Profil

icon Re: zli osnovci u napadu na win9823.11.2004. u 03:11 - pre 235 meseci
Belezi li on dogadjaje tj sta je ko kad kucao
brisao i sl?
MM
The sleeper has awaken
 
Odgovor na temu

[es] :: Security :: zli osnovci u napadu na win98

Strane: 1 2

[ Pregleda: 10953 | Odgovora: 27 ] > FB > Twit

Postavi temu Odgovori

Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.