RE: Hidden Copying Software

From: R. DuFresne (dufresne@sysinfo.com)
Date: Mon Jul 24 2006 - 19:10:36 EDT


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 24 Jul 2006, Shenk, Jerry A wrote:

> There are lots of other options too....maybe the exam was stored in a
> temp file. I guess you could say that software to copy a usb drive in
> the background might be high tech but not that high tech...a vbscript
> running on the machine could easily do it. It (the software to do that)
> certainly would NOT be expensive...free would be closer.

And the med stuent could easily ask someone in compsci to write it for
him, perhaps for beer. Dou gain for the compsic there, he gets beer, and
likely uses the program for class! Course, of the med student knows no
compsci majors, he asks his little brother or a cousin to do it for him
<smile>. Point being the med student is likely not the computer savvy one
writing the nefarious tool, and might not even be the one that ends up
placing it into use, directly...

Thanks,

Ron DuFresne

>
> -----Original Message-----
> From: Rocky [mailto:pixscreenpoint@gmail.com]
> Sent: Monday, July 24, 2006 9:20 AM
> To: pen-test@securityfocus.com
> Subject: Hidden Copying Software
>
> Hi list,
>
> A friend of mine who is a medical professor asked me if
> it is possible to copy his usb thumb drive from their
> class room pc without knowing it? he told me maybe
> there's a hidden software that copying it in the background?
>
> His exam from his usb thumbdrive was exposed all over
> to his student.I told him that you need a very high tech
> software or expensive to do it? Is any such software capable
> of this? this some kind of impossible task in my views.
>
> Thanks.
>
> ------------------------------------------------------------------------
> ------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the
> Analyst's
> Choice Award from eWeek. As attacks through web applications continue to
> rise,
> you need to proactively protect your applications from hackers. Cenzic
> has the
> most comprehensive solutions to meet your application security
> penetration
> testing and vulnerability management needs. You have an option to go
> with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service
> can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm
> your
> results from other product. Contact us at request@cenzic.com for
> details.
> ------------------------------------------------------------------------
> ------
>
>
>
>
> **DISCLAIMER
> This e-mail message and any files transmitted with it are intended for the use of the individual or entity to which they are addressed and may contain information that is privileged, proprietary and confidential. If you are not the intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received this communication in error, please notify the sender and delete this e-mail message. The contents do not represent the opinion of D&E except to the extent that it relates to their official business.
>
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
> Choice Award from eWeek. As attacks through web applications continue to rise,
> you need to proactively protect your applications from hackers. Cenzic has the
> most comprehensive solutions to meet your application security penetration
> testing and vulnerability management needs. You have an option to go with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request@cenzic.com for details.
> ------------------------------------------------------------------------------
>
>

- --
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         admin & senior security consultant: sysinfo.com
                         http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                 -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFExVNvst+vzJSwZikRAtNUAJ9chHkD3r25/YqCdB/hSOTStxg8JQCguBJY
Mi2rPRoX9t8mbsKEimZntjY=
=4RO8
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:23 EDT