• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

NT 4.0 Network Admins - need your help with something.

BGod

BGod

Golden Member
I know the D.net client is very good at hiding it's self. I've got one machine at work already that is set to -runoffline and all screen output is disabled. I've got the possibility to add another machine, but my regional IT manager says I've got to wait about two weeks. He's worried the main IT department in Seattle will pick up on the client some how and put the kibosh to the whole works.

I sent my regional IT manager a 32 page request to get the client installed on the first machine. Yea, it was a little overkill, but I wanted his full and complete support for this project. I got the approval on that machine the first machine at the end of February or begining of March 2000. There hasn't been a single problem with that machine or the client being detected.

What I need to know is what program would an NT 4.0 admin use to pick up on a client running on an off site machine? If I know what the executeable's name is I can make the client hide it's self from it when it's running.

There won't be any network traffic because I'll sneakernet the blocks to and from the machine. We don't use Norton PC Anywhere, VNC, or any other remote control software. Could they be running Wintop or System Monitor remotely? What else would show 100% kernel useage?
 
One way that I know of would be through the default NT c$ hidden share, but that would only be accesable to them if your NT Workstation is part of the same domain (or perhaps in a trusted domain as well?)
I assume that you know the ways around that one. 🙂
Remote administration would be another one.

I am assuming that this is one an NT4 Workstation. If Win 9x, that would be a different story.

viz
 
viztech, The machine I'm getting is Windoze 95. Sorry that I forgot to mention that earlier. There won't be any open shares on my machine either. It will be on a Domain Name Controller/DHCP server - the NT box in Seattle. Our office is connected via a 56k frame relay. Wish they'd spent the money for a T1. 🙁
 
You're home free, unless remote administration is enabled on the 9x box, which is NOT the default installation. Even then, I don't think that they would detect it, or even look for anything.

viz
 
If the client is installed as a service, there is an entry in the registry. It is possible (though very unlikely) that someone could look through the registry and notice the distributed.net entry. But how many people look through the registry unless they are looking for something very specific...? And even then, it is something to avoid if possible!

JHutch
 
If it's a 9x box and you are going to sneakernet the blocks off of it, you are pretty much home free. If your admins have time to monitor every box across the network for CPU utilization, they have way too much time on their hands. Monitoring NT boxes takes enough effort that most people would not even give it a thought to try and monitor anything but critical boxes.

-Mike
 
My dually Windows 2000 A.S. machine at home died at 1:00am CST lastnight. 🙁
I can't get any version of Klinux to recognize my network card in my dually. 🙁
(Tyan S1832DL mobo, Linksys LNE100TX)
The machine at work showed up 🙂, without a monitor. 🙁
D.net stats are still down. 🙁

Anyone have good news for me?
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top