Welcome to HashDot.com
Search  


Contact Us

Earn Money
Earn money online, For lifetime Hashdot membership and for Advertisement details..
Click Here

Login




 


 Log in Problems?
 New User? Sign Up!

   

Windows 9x --- Enabling file extensions,scraping past security & changing default locations

(399 total words in this text)
(992 Reads)  Printer-friendly page
<div align="justify">

<u>Windows 9x</u>

Enabling file extensions

By default, Windows Explorer hides file extensions for known file types-including the .vbs extension, which is also used to create many malicious scripts. You might receive a .vbs attachment via e-mail, disguised as another file. For example, the file BigBadVirus.jpg.vbs, will show up as BigBadVirus.jpg. You might open this attachment thinking it is a non-executable JPEG image and execute the virus code. To prevent this kind of thing from happening, you can click on Tools > Folder Options, click on the View tab and deselect the 'Hide file extensions for known file types' option.

<img src="http://www.hashdot.com/folder.jpg" width="419" height="544" border="0" alt="" />

Scraping past security

When you try to paste the contents of a Word document into the Explorer, you get what is known as a scrap document or scrap object, which is basically a wrapper for OLE data. Double-clicking this scrap file, launches any program that was defined in the properties of the scrap object. As the icon is similar to a text document's icon, a user could easily be fooled into thinking that a file called BigBadVirus.txt.shs, is a text file. Malicious code can be executed, such as opening a file or running the format command, if a user double clicks on this file.

In order to prevent this, you have to modify some settings in the registry. Back up your registry before you proceed. Type 'regedit' in the Run menu, and go to HKEY_CLASSES_ROOT\ShellScrap. Locate the NeverShowExt value, in the right-hand pane, and delete it. Do the same for the value under HKEY_CLASSES_ROOT\DocShortcut. To further secure yourself, change the scrap object icon. Go to Windows Explorer > Tools, click on the File Types tab and select the .shs extension. Click on Advanced, and then on Change Icon. Browse to the pifmgr.dll file, and select an icon that resembles danger, such as the warning signals, the dynamite or the shield icon. Now, you will recognise scrap objects as dangerous files.

<img src="http://www.hashdot.com/scrap.jpg" width="510" height="361" border="0" alt="" />

Changing default locations

Many intrusion attempts and malicious Web sites look at specific directories for certain files. This is done on the assumption that the software will usually be installed in the default locations. For example, Windows will most probably be installed in C:\Windows, and applications will be installed in C:\Program Files.

Wherever possible, don't use the default folder and change it to some other name. This will make a hacker's task all the more difficult.

</div>

Web site powered by PostNuke ADODB database library PHP Language

All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest (c) 2008 by me
This web site was made with PostNuke, a web portal system written in PHP. PostNuke is Free Software released under the GNU/GPL license.

You can syndicate our news using the file backend.php