
Hiding F@H - VERY Important..


willlangford

Member
Joined
Aug 29, 2002
Location
Wash., USA, Earth, Milky Way
Hey all..

I talked to the tech guy at our school and told him that I got the IPs of the servers and was like why can't we open the firewall for that range of IPs. He was like I think I can do that, but talk to me on Monday. So that's tomorrow. But what I really need to know how to do is make it for windoze 2000 so that once I install the client it will run as a service and the user won't even know it's running. No icon or window. Is this possible??

Thanks,

~Will

also if someone could make it so its really easy that would be great. I am going to have to install all this stuff myself!! :) i mean we are talking like 70 computers at least i hope!
 
thanks, I'll check that all out. and yes i have permission...i have one of the admin logins. kinda sad i got it last year...15 years old and the school district webmaster and i had all the logins.

~Will
 
if you read the readme, there is another batch that can do that, but you have to email and ask for it. You can email the guy and ask him for it, the email addy is in there, tell him you're from 32 and yes you are the admin, he'll gladly give it to you. he's pretty active and will respond quick, if not, let me know i'll go over there and ask.

v
 
i sent him a pm @ overclockers aust. so we will see. if i don't hear something by tomorrow then I'll let you know. this will be nice to have...doing what i can do to help the team.

~Will
 
Although permission is at hand, I would still reconsider a larger distribution of such clients in a business environment. It still poses an unneeded security hole.

As a managing IT guy myself, I would never add such a client to any other PC than vacant ones I can plop on the DMZ. Then hackers and God knows who can have their fun just in case they spot something.

Think it over.... not to be a spoil sport... nice to see ghz's coming this way. Just keep a wide logging on those IP addys and those clients.

Cheers, Flixotide
 
flixotide said:
Although permission is at hand, I would still reconsider a larger distribution of such clients in a business environment. It still poses an unneeded security hole.

As a managing IT guy myself, I would never add such a client to any other PC than vacant ones I can plop on the DMZ. Then hackers and God knows who can have their fun just in case they spot something.

Think it over.... not to be a spoil sport... nice to see ghz's coming this way. Just keep a wide logging on those IP addys and those clients.

Cheers, Flixotide

Flix,

What security holes are you suggesting? I am the System Admin for an online retail company and CISSP (certified information systems security professional) certified and I contest that there is less of a security issue with F@H than using Outlook Express.

If you configure your network to allow LAN-->WAN and block out everything you don't need for WAN-->LAN communication, and since the clients make the request to the servers, not the other way around, there is very little security issue with the client.

There is a slim chance that someone could hack you via F@H but here's what they'd have to do:

1. know that you're running the client
2. know your internal network schema, organization, and OS structure.
3. be able to hack into your connection between you and your ISP.
4. be able to spoof the IP addy for Stanford's servers and wait for your machines to send out a request for communication.
5. be able to emulate the handshake that occurs between clients and Stanford's servers.

and if they did ALL of this.... then what would they get for their work? The capability of loading a payload that must be able to emulate the exact structure of a WU.

So if they do get something through all of this, then what? A trojan, a virus, or a network sniffer? I call BS, I have virus programs for all of that so their fake package will be hammered as soon as it gets in.

Therefore, I don't feel that there's much of a security issue because if someone is willing to do all the things above to get into your system, then you have problems far greater than a simple hack attack.

Wedo
 
We will always disagree on this issue.. always :cool:

your scenario is limited to an attack from the internet, but there are so many other ways you can abuse the presence of a program.

Trojan lookalikes, sniffers... I can't be bothered discussing this subject, as it is really an amazingly boring subject with an endless amount of facets..

Call it religion or whatever... to me the presence of an alien program in a network is a threat to be assessed.. be it a dos-prompt command or win32 api.... and between security pros in DK I've already established my name enough to know I am right on this subject..

Cheers, Flixotide
 
Flix, you're right that there isn't a secure network in the world. But what I was wondering, is how any of your employees do any work? If you don't want anything running on your network, then what do they use? Notepad? Wordpad? What type of E-mail system do they use? Or do you have one? I'm just trying to figure out your rationale for your statements. And, if you can "hack" (I don't like that word being used for this) into a system through F@H, then you need to be working for some government agency, and not Sys Admin for a company.
 
I'll post this simple little example of how an unnecessary program turned into a big hazard for a local school with about 120 pc's.

To make it a little more entertaining, the admins had approved a small application that starts at runtime. Some kinda program that adds some funny animated cursors. No big deal.

When a friend contacted me, and told me they had problems with passwords being ripped, I went by, asked them to cut all unnecessary applications off the systems.

It actually turned out, that on one computer, this little cursor program was actually swapped with another executable. A sniffer, that one of the pupils used to leech pw files.

Very harmless, and very much so incognito. It was started every day at boot time, did its job as the admins didn't "see" it. It was a cursor program. Right?

F@H has high CPU utilization, it communicates with the internet, it is started every time the computer runs, it has many "vital signs". If it is also hidden, then you have little chance of really catching or monitoring if the program is being tampered with.

Anyone can copy a replacement exe to be started up as "incognito" if spread on a school or corporate network, and it would be near to impossible to isolate F@H as a culprit. If you replace word, notepad or the likes, it is a bit easier to spot, and most programs come with methods of checking if they are actually being tampered with. F@H and many other freewares, sharewares etc. do not.

Such programs do not belong within an open professional environment. A single person, a single computer, fine, no problem. The person using it would probably spot anything unusual, but clients spread across school or companies are a huge risk.

It is SO easy to leak in a small api to sniff or do other fun stuff. It's part of my job to know about this stuff... and if it would convince 1/10 folders that it isn't recommendable to spread F@H in the wild, I would gladly set up a practical example of how easy it is to abuse it.

But I doubt it would...

Enough of this... if you or anyone else feels it's paranoia.. feel free to think so. But you're wrong.. very wrong :D

Do not spread programs, keep them monitored, keep them on computers that are not publicly available.

9/10 school admins wind up running nightly imaging after my visits.. simply because it is so easy to tamper with things.

Cheers, Flixotide
 
Thespis377 said:
Flix, you're right that there isn't a secure network in the world. But what I was wondering, is how any of your employees do any work? If you don't want anything running on your network, then what do they use? Notepad? Wordpad? What type of E-mail system do they use? Or do you have one? I'm just trying to figure out your rationale for your statements. And, if you can "hack" (I don't like that word being used for this) into a system through F@H, then you need to be working for some government agency, and not Sys Admin for a company.

ditto,
 
I've posted my POV... and I will keep warning people not to distribute the client on public systems without close monitoring.

At least then nobody can ***** at the forum and say "nobody warned me".

Take it or leave it as you will.

Cheers, Flixotide
 
How about you back up your point with a valid answer. Your school description is bunk because F@H is monitorable. There are monitoring programs that will let you know if even one is not turning in work. I would like to know what real world threat it is in an office or business environment. Schools are a totally different thing because of the fact that kids are trying to see what they can get away with everyday whereas in a business environment the people are getting paid to be there and wouldn't risk their jobs to do anything near what kids or students are willing to do.
 
Flix, I see your point. I understand where you're coming from. This isn't the right place for this discussion so I won't respond in length. I'll just say that with the WinNT/Win2k/WinXP environment, you can set permissions. That's what it comes down to. But, most Admins fail to set these properly. Case in point for the Domain Admin here. SHEESH!! And I do agree with Kendan to an extent, b/c there is ALWAYS that one person who "thinks he knows about computers" that will get ya every time.
 
Of course there are people better and smarter than me.. But I'll never admit to that fact.. :D

And Kendan.. right.. i didn't consider the fact that F@H is monitorable.
But in a school environment, where your F@H client is offline every now and then, when would you see it as "tampered with"? after 1, 2 or 3 days? by that time a pupil would've sniffed a load of passwords :(

When I actually mentioned monitorable, I meant checksums run via system policies. E.g. I can see if any DLL or any exe changes on any system I monitor. The second some pupil tries something funny with winword.exe or vbrun.dll, I'll get a report on it..

Hey.. I only voice this because I'm out of the BAOFH series... I mean nothing spiteful or evil with it. I'm a folder myself guys, and don't want to hurt the subject... but only voice that people should keep considering where they stuff their strange programs.

Cheers, and night guys... nice with a little arguing here..

Flixotide
 