Windows has its share of threats which can be manipulated by a creative hacker.Microsoft incorporated NTFS system which allowed for greater data compression and file storage algorithms but a relatively less known compatibility feature of NTFS, Alternate Data Streams (ADS) provides hackers with a method of hiding root kits or hacker tools on a breached system and allows them to be executed without being detected by the computer user.
However,dangerous it sounds,its amazingly easy to create ADS and require almost little or no skill on the part of hacker.ADS works by storing 2 data streams on single memory location,and simple DOS commands like “type” are used to create an ADS. These commands are used in conjunction with a redirect [>] and colon [:] to fork one file into another.
For instance: the command
type c:\anyfile.exe > c:\winnt\system32\cmd.exe:anyfile.exe
will fork the common windows command program with an ADS “anyfile.exe.”
Once can hide his/her files using this method and they are almost impossible to detect.
POSTED BY XERO .ALL RIGHTS RESERVED.