The NTFS filing system contains Alternat Data Streams (ADS) wich are located within normal system and program files, and are hard to detect by your operating system. A malicious hacker can install a "hacker tool", Trojan Horse, or other spy tool in the ADS wich sometimes escapes detection by antivirus scanners.

It's commonly known that ADS was meant to support the MAC Hierarchical File System... hehe.

A little well placed birdy told me that a certain "agency" with a three letter abreviation was really behind this!

> The NTFS filing system contains Alternat Data Streams (ADS) wich are located
> within normal system and program files, and are hard to detect by your
> operating system. A malicious hacker can install a "hacker tool", Trojan
> Horse, or other spy tool in the ADS wich sometimes escapes detection by
> antivirus scanners.
>
> It's commonly known that ADS was meant to support the MAC Hierarchical File
> System... hehe.
>
> A little well placed birdy told me that a certain "agency" with a three letter
> abreviation was really behind this!
>

So whats the Fix?

---

http://www.windowsecurity.com/articles/Alternate_Data_Streams.html

---

> > The NTFS filing system contains Alternat Data Streams (ADS) wich are
> located
> > within normal system and program files, and are hard to detect by your
> > operating system. A malicious hacker can install a "hacker tool", Trojan
> > Horse, or other spy tool in the ADS wich sometimes escapes detection by
> > antivirus scanners.
> >
> > It's commonly known that ADS was meant to support the MAC Hierarchical
> File
> > System... hehe.
> >
> > A little well placed birdy told me that a certain "agency" with a three
> letter
> > abreviation was really behind this!
> >
>
> So whats the Fix?
>
>

Well Captain Avatar... there are a couple of monitoring progs out there that check for changes in files, but I would suggest something a little more simple like a GOOD wiping utility that destroys ADS's by overwriting them altogether.

I think a utility like East-Tec Eraser would just do the job pretty well.
>

> > The NTFS filing system contains Alternat Data Streams (ADS) wich are
> located
> > within normal system and program files, and are hard to detect by your
> > operating system. A malicious hacker can install a "hacker tool", Trojan
> > Horse, or other spy tool in the ADS wich sometimes escapes detection by
> > antivirus scanners.
> >
> > It's commonly known that ADS was meant to support the MAC Hierarchical
> File
> > System... hehe.
> >
> > A little well placed birdy told me that a certain "agency" with a three
> letter
> > abreviation was really behind this!
> >
>
> So whats the Fix?
>
>

Try This. And This.

---

<img src="http://boinc.mundayweb.com/seti2/stats.php?userID=2259&amp;team=off">

> > > The NTFS filing system contains Alternat Data Streams (ADS) wich
> are
> > located
> > > within normal system and program files, and are hard to detect by
> your
> > > operating system. A malicious hacker can install a "hacker tool",
> Trojan
> > > Horse, or other spy tool in the ADS wich sometimes escapes detection
> by
> > > antivirus scanners.
> > >
> > > It's commonly known that ADS was meant to support the MAC
> Hierarchical
> > File
> > > System... hehe.
> > >
> > > A little well placed birdy told me that a certain "agency" with a
> three
> > letter
> > > abreviation was really behind this!
> > >
> >
> > So whats the Fix?
> >
> >
>
> Try This. <a> href="http://www.heysoft.de/Frames/f_faq_ads_en.htm">And This.[/url]
>

I've tried this util some months ago, and found that it has inaccurate scanning results.

It's commonly known that ADS was meant to support the MAC Hierarchical File System... hehe.
Ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha - I'm not rolling on the floor.

---

> It's commonly known that ADS was meant to support the MAC Hierarchical File
> System... hehe.
> Ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha
> ha ha ha - I'm not rolling on the floor.
>

I'm glad to hear that your not rolling on the floor... hehe.

But the ADS support concept was being pushed so that it could be possible to deploy reconaissance and data interception tools in a computer system with NTFS.

> But the ADS support concept was being pushed so that it could be possible to
> deploy reconaissance and data interception tools in a computer system with
> NTFS.
>

I take it the feds all use Apples?

---

>
> > But the ADS support concept was being pushed so that it could be possible
> to
> > deploy reconaissance and data interception tools in a computer system
> with
> > NTFS.
> >
>
> I take it the feds all use Apples?
>

I didn't specify that it was the feds. But THEY do like to use D.I.R.T. (Data Interception by Remote Trasmission).

>
> > But the ADS support concept was being pushed so that it could be possible
> to
> > deploy reconaissance and data interception tools in a computer system
> with
> > NTFS.
> >
>
> I take it the feds all use Apples?
>

Well, their not using oranges or plums. ;-)

L8R....

T'Khasi Time: Tuesday, 15 February 2005 - 07:39 PM --800 (Pacific Standard Time)

---

CAPT Siran d'Vel'nahr - L L & P _\\//
Winders 11 OS? "What a piece of junk!" - L. Skywalker
"Logic is the cement of our civilization with which we ascend from chaos using reason as our guide." - T'Plana-hath

> >
> > I take it the feds all use Apples?
> >
>
> Well, their not using oranges or plums. ;-)
>
Careful Siran your druelling juice all over the keyboard.

---

I''m a fed ....now?

---

> > > ....
> Careful Siran your druelling juice all over the keyboard.
>

At least it's not apple juice. ;-)

L8R....

T'Khasi Time: Tuesday, 15 February 2005 - 07:54 PM --800 (Pacific Standard Time)

---

CAPT Siran d'Vel'nahr - L L & P _\\//
Winders 11 OS? "What a piece of junk!" - L. Skywalker
"Logic is the cement of our civilization with which we ascend from chaos using reason as our guide." - T'Plana-hath

> I''m a fed ....now?
Who called you a fed?


Didn't they say fred?

---

> I''m a fed ....now?
>

Let's see what Timmy comes back with.

@Timmy: Come on Timmy, I want to see a witty comeback to this. ;-)

L8R....

T'Khasi Time: Tuesday, 15 February 2005 - 07:56 PM --800 (Pacific Standard Time)

---

CAPT Siran d'Vel'nahr - L L & P _\\//
Winders 11 OS? "What a piece of junk!" - L. Skywalker
"Logic is the cement of our civilization with which we ascend from chaos using reason as our guide." - T'Plana-hath

An apple a day keeps the feds at bay...

---

> An apple a day keeps the feds at bay...
>
>
>

Well Fat B, try this instead of an apple: HookProtect.

Or use EXT3+SELinux, or HFS+J with FileVault-ed 128-bit OtF encrypting...

.o0(Hmm... "Do not use obscene language or threaten other participants; we may delete such messages." Methinks that Berkeley a-stretches ye avatar columnae with message a-proof of how profundly the users have sunketh...)

---

> > I''m a fed ....now?
> >
>
> Let's see what Timmy comes back with.
>
> @Timmy: Come on Timmy, I want to see a witty comeback to this. ;-)
>
> L8R....
>
> T'Khasi Time: Tuesday, 15 February 2005 - 07:56 PM --800 (Pacific Standard
> Time)
>
[url=http://www.summercon.org/2003/hackers_and_feds.jpg]

---