|
Security Basics
mailing list archives
Re: Hacked (...still cleaning)
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Wed, 20 Apr 2005 12:24:20 +0200
On 2005-04-18 Mauricio Fernandez wrote:
One thing I am trying to do is to hide the cmd.exe file to avoid the
possibility of running some programs. I searched the file on the hole
system and deleted from \system32\ and \I386\ folders, copied into a
folder no included on the system path with a different name. But if I
invoke cmd.exe, it appears again on \system32\
Does anyone knows how to remove it?
You don't want to remove cmd.exe. Adjust the file's ACLs to fit your
needs and you'll be fine.
Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
 By Date 
By Thread
Current thread:
- RE: Hacked (...still cleaning), (continued)
- RE: Hacked (...still cleaning) Nuno Costa (Apr 20)
- Re: Hacked (...still cleaning) Ansgar -59cobalt- Wiechers (Apr 20)
| 
Intro
