期刊名称:International Journal of Computer Science and Network Security
印刷版ISSN:1738-7906
出版年度:2007
卷号:7
期号:12
页码:71-75
出版社:International Journal of Computer Science and Network Security
摘要:In this paper we use ��alternative data streams�� that were introduced with the occurrence of Windows NT and its file system NTFS, as a gateway for subverting several commercial endpoint security systems. We give a simple set of commands by which it is possible to copy data from PCs that have installed endpoint security access systems, with- out been detected or by making the endpoint security access system to generate incomplete log entries that again do not reveal an information about the files that have been copied.
关键词:NTFS; Alternative Data Streams; Subversion; Endpoint Security Systems
Loading...
