Alternate Data Streams: Out of the Shadows and into the Light
Alternate Data Streams: Out of the Shadows and into the Light examines alternate data streams in NTFS. It provides a thorough technical background in alternate streams before proceeding to compare them to regular files and directories. There is then a study of several techniques by which alternate data streams can be exploited by malicious users. The paper then examines software from Microsoft and third-party vendors, evaluating each application's effectiveness in finding and manipulating alternate data streams. Finally, the paper presents a set of Windows shell extensions designed to make alternate stream information an integral part of the operating system and eliminate a loophole that malicious users can use to hide alternate data streams from current scanners.
Read the Complete Paper
Current Tags:
None
Add Tags:
|
Current Rating:
 (0 votes)
Add Rating:
|
Similar content:
Shedding some light on Voice Authentication, in
Biometrics
Post Comment
Cite in Modern Language Association (MLA) Style
"Alternate Data Streams: Out of the Shadows and into the Light" SANS Institute, , UTC.
01 Jul 2008, 17:18
<http://www.sans.org/reading_room/whitepapers/honors/1503.php>
Cite in Chicago Style
Ryan L. Means, "Alternate Data Streams: Out of the Shadows and into the Light," http://www.sans.org/reading_room/whitepapers/honors/1503.php (accessed
Jul 01, 2008
).
