Html Trojans


  • TheCotMan
    replied
    Originally posted by Bosniacon
    But still ............
    I do have a question about that HTML trojan. I mean, how could somebody have a normal HTML file acting as a trojan?
    If you define a "normal html file" as being one with only HTML tag information, I do not see this as a likely vector for infection or execution of code on a remote system.

    If you define a "normal html file" as being one with HTML tag information and other bits of data which can include JavaScript, or calls to load a Java applet, or use code which is browser-specific to take advantage of weaknesses in a browser, then you have a chance of being trojaned or having your browser convinced into downloading and executing malicious code from websites which are not trustworthy, or by e-mail message in some versions of MS Lookout! Express and Outlook.

    To me, "normal HTML" is just a text document that conforms to one of the various versions of HTML provided by the W3C. (I do not consider JavaScript or other client-run scripting to be part of normal HTML files.)

    Leave a comment:
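
The distinction drawn in the reply above, between markup-only HTML and HTML that carries script, applets or other active content, can be checked mechanically. The Python sketch below is an added example, not part of the original thread; the tag and attribute lists and the two sample documents are constructed assumptions, and the lists are not exhaustive.

```python
from html.parser import HTMLParser

# Elements that load or run code rather than describe document structure.
ACTIVE_TAGS = {"script", "applet", "object", "embed", "iframe"}
# Attributes whose value is a URL the browser may follow or execute.
URL_ATTRS = {"href", "src", "action", "data"}
SCRIPT_SCHEMES = ("javascript:", "vbscript:")


class ActiveContentFinder(HTMLParser):
    """Collects (line, kind, detail) for everything beyond plain markup."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def _note(self, kind, detail):
        self.findings.append((self.getpos()[0], kind, detail))

    def handle_starttag(self, tag, attrs):
        # html.parser lower-cases names and decodes character references
        # in attribute values, so "&#106;avascript:" is seen as "javascript:".
        if tag in ACTIVE_TAGS:
            self._note("active-element", tag)
        for name, value in attrs:
            value = (value or "").strip().lower()
            if name.startswith("on"):  # onload, onclick, onerror, ...
                self._note("event-handler", f"{tag}[{name}]")
            elif name in URL_ATTRS and value.startswith(SCRIPT_SCHEMES):
                self._note("script-url", f"{tag}[{name}]")


def audit_html(text):
    """Return findings; an empty list means the file is markup only."""
    finder = ActiveContentFinder()
    finder.feed(text)
    finder.close()
    return finder.findings


# Constructed sample: tags and text only.
PLAIN = """<html><head><title>notes</title></head>
<body><h1>Notes</h1><p>Just <a href="page2.html">markup</a>.</p></body></html>"""

# Constructed sample: the kinds of active content the reply lists.
ACTIVE = """<html><body onload="init()">
<script src="http://untrusted.example/x.js"></script>
<applet code="Viewer.class" width="1" height="1"></applet>
<a href="javascript:void(0)">link</a>
</body></html>"""

if __name__ == "__main__":
    for label, doc in (("PLAIN", PLAIN), ("ACTIVE", ACTIVE)):
        print(label, audit_html(doc))
```

An empty result only says the file contains no active content of the listed kinds; it says nothing about browser parsing bugs, which the reply treats as a separate risk.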


  • Bosniacon
    replied
    But still ............

    I do have a question about that HTML trojan. I mean, how could somebody have a normal HTML file acting as a trojan?

    Btw, I did research about remote.c; looks like an exploit .......


    Anyway, I really try to see some HTML files that are like remote access

    Leave a comment:


  • Shatter
    replied
    Originally posted by TwinVega
    oooo....okay...I thought we were talking about the same machines here, and even if they were I think there might be hardware diffs when you clone...but that's not the point of my reply. Can't you just hide your partition of D:, or if it's NTFS, just set the permissions so the user can't access it, that would save you a lot of trouble.
    Ya, I need to do that, but I run into the problem of the poor bastard that needs to run tests on the various OS's, and that's his ONLY machine. He needs a place to keep some stuff, reports, test cases, etc.

    The dumbass I replaced used to name C: PRIME and D: SECONDARY. This of course, is stupid.

    I use C: MAIN and D: BACKUP and I haven't had anyone delete anything since. Naming conventions are a wonderful thing. You see secondary and think "Do what I want with it" and Back up is "oh, this is for saving things, don't delete stuff"

    Also, I could hide D: with 2k/xp, but there's the whole ME thing to deal with. It's a pain.

    Leave a comment:


  • TwinVega
    replied
    Originally posted by Shatter
    No no. You're missing the operation.
    ...My only real problem is when the stupid n00b user decides to delete the contents of D: cause there's not enough room for his personal shit (games, mp3's, etc.)
    oooo....okay...I thought we were talking about the same machines here, and even if they were I think there might be hardware diffs when you clone...but that's not the point of my reply. Can't you just hide your partition of D:, or if it's NTFS, just set the permissions so the user can't access it, that would save you a lot of trouble.

    Leave a comment:


  • astcell
    replied
    The site license when used with the MS Subscription CDs works just fine. Don't try to buy a version from the shelf at a computer store and expect it to NOT wanna phone home.

    Leave a comment:


  • Shatter
    replied
    Originally posted by blackwave
    well the idea is that if XP becomes infected, you can't really trust it can you? Booting off a disk and loading ghost or drive image works out better this way.

    also with windows xp let us not forget the WPA (windows product activation) - it is a real bitch as I have encountered with even just swapping drives from one identical laptop to another... wpa barfs upon load and of course it is a legit copy, which you must have if your machines go through software auditing.

    XP pro does not suffer from the activation problems.

    I've got 200 machines with the same code... (and yes, this is legal, we have a site licence, no pirating here folks)

    Leave a comment:


  • Shatter
    replied
    Originally posted by TwinVega
    You can clone drives with XP can't you, if it's the serial issue you're worrying about you can change your serial in XP even after you install, so just image and change the #s....I'm sure it's not that simple, but just in case it is...there ya go.

    No no. You're missing the operation.

    I have a master image in a network share. I move the updated one to D:, then unload to C:. With ME it will just go through, refigure out the hardware (I've reimaged from multiple mobos, video, sound, etc., so just about every piece of hardware will auto detect). Can't do it with XP or 2k. 2k blows up if a different mobo/chipset is found, and XP needs to go through the whole process again.

    What I would need to do is set up a different image for each mobo we use. Unfortunately the nature of my work means we have a LOT of different mobos (testing, compatibility, making dev cry) as well as other hardware. So, the managing of multiple images, determining what's in each comp (all have the same cases) becomes more of a micromanagement fiasco than cataloging 20 gigs of mp3's, not to mention keeping each image fully updated with all the MS security patches.

    So, with XP, I try to make a machine-specific image, that's saved on D: for each machine. After it's been abused, I re-ghost C:, run the updates, put the new versions of apps on, then make a new image for that machine.

    The ones that are fun are the triple ghosts, with ME/2K/XP on one machine. Don't bother mentioning triple booting, 'cause that will invalidate the tests. Believe me, I'd love to.

    My only real problem is when the stupid n00b user decides to delete the contents of D: cause there's not enough room for his personal shit (games, mp3's, etc.)

    Leave a comment:


  • TwinVega
    replied
    Originally posted by blackwave
    well the idea is that if XP becomes infected, you can't really trust it can you? Booting off a disk and loading ghost or drive image works out better this way.
    Yeah, I meant that you could clone to another drive/disk and set it aside until you needed it.

    also with windows xp let us not forget the WPA (windows product activation) - it is a real bitch as I have encountered with even just swapping drives from one identical laptop to another... wpa barfs upon load and of course it is a legit copy, which you must have if your machines go through software auditing.
    Good to know for the future, if it looks too good to be true (my suggestion) then it usually is I guess..

    AST's plan sounds like it would work...

    Leave a comment:


  • astcell
    replied
    It's not the duplicate serial number that hacks you up, it's the SAM. Norton Ghost will generate a random number for this and you are home free. Just be sure to use a serial number that does not register with MS.

    Leave a comment:


  • blackwave
    replied
    Originally posted by TwinVega
    I'm sure it's not that simple, but just in case it is...there ya go.
    well the idea is that if XP becomes infected, you can't really trust it can you? Booting off a disk and loading ghost or drive image works out better this way.

    also with windows xp let us not forget the WPA (windows product activation) - it is a real bitch as I have encountered with even just swapping drives from one identical laptop to another... wpa barfs upon load and of course it is a legit copy, which you must have if your machines go through software auditing.

    Leave a comment:


  • TwinVega
    replied
    Originally posted by Shatter
    This is what I do here at the office. Nothing worse than trying to install 100 PCs from scratch. I have a master image I use. Unfortunately, XP requires a complete install for each machine, but I save the custom image to a D: when I can retrieve after it's been all fucked up by n00bs.

    :)
    You can clone drives with XP can't you, if it's the serial issue you're worrying about you can change your serial in XP even after you install, so just image and change the #s....I'm sure it's not that simple, but just in case it is...there ya go.

    Leave a comment:


  • Shatter
    replied
    Originally posted by blackwave
    one of my neato practices is that I create a windows system that has all my commonly used software and configurations, load up the service packs and fixes... then I use diskimage which is also installed on the system... and every time I am done with a session I reimage it, it takes a few minutes so when I want to use it again in a short period of time, it is all ready to go and just in the safest case where I may have gotten some infected with some uber1337 windows root kit... it would be wiped during the reimage... and man, that is safe :)
    This is what I do here at the office. Nothing worse than trying to install 100 PCs from scratch. I have a master image I use. Unfortunately, XP requires a complete install for each machine, but I save the custom image to a D: when I can retrieve after it's been all fucked up by n00bs.

    :)

    Leave a comment:


  • astcell
    replied
    XP has that built in now, and CompUSA re-images all their PCs every night from Texas. Really screws you up if you saved your Transcender hints on the HDD!

    Leave a comment:


  • blackwave
    replied
    one of my neato practices is that I create a windows system that has all my commonly used software and configurations, load up the service packs and fixes... then I use diskimage which is also installed on the system... and every time I am done with a session I reimage it, it takes a few minutes so when I want to use it again in a short period of time, it is all ready to go and just in the safest case where I may have gotten some infected with some uber1337 windows root kit... it would be wiped during the reimage... and man, that is safe :)

    Leave a comment:


  • Shatter
    replied
    Originally posted by kraa26
    I thought it was that way also..
    It's still possible to get them, though I think they're windows specific. Like 99% of all viruses...

    I err on the side of caution. Better to scan a few files as they come in you don't need to scan, rather than miss something.

    Leave a comment:
