Prev: WMI to use or not to use
Next: VB6 on Windows 7 64-Bit
From: David on 8 Jan 2010 08:57 I'm hoping a DLL wrapper may be my solution? Problem: If a third party DLL resides on your system, can that DLL be accessed remotely by the third party or call home when it wants? Answer Don't know. If it can do the above, would creating a DLL Wrapper solve the problem? If the DLL was contained within a directory that had no rights other than to be accessed by the DLL Wrapper functions would this top access or call home?. Anyone have any idea if this will work???
From: C. Kevin Provance on 8 Jan 2010 09:17 "David" <dw85745NOT(a)earthlink.net> wrote in message news:uEgfKqGkKHA.5520(a)TK2MSFTNGP06.phx.gbl... | I'm hoping a DLL wrapper may be my solution? | | Problem: | If a third party DLL resides on your system, can that DLL be accessed | remotely by the third party or call home when it wants? | | Answer | Don't know. If it can do the above, would creating a DLL Wrapper solve the | problem? | Why would you want to do this? It's malware/spyware functionality, and I doubt anyone is going to give a step by step on how to do this (and if they do, shame on them). Perhaps you could clarify when exactly you want to do, there could be other less suspicious methods. If I am misunderstanding you, then I apologize up front for the confusion.
From: David on 8 Jan 2010 10:20 Mr. Provance: A DLL wrapper was given as a possible solution to the following question I posed: ================ I have two programs that maintain a real-time link to two different servers. I am the client. Both server vendors provided API's in the form of DLL's which reside on my machine. I do Not know what's inside the DLL's other than the documentation provided and my ability to look at the DLL function headers. Knowing the function header and even the parameters IMHO are meaningless because a series of functions can be coded in different ways -- good (normal usage) or bad(malicious). Question: Since a real-time link is being maintained, is there anyway to keep my programs (and the server DLL's) contained within a specific directory, such that if the DLL has code which can be remotely manipulated by the server, any server manipulation on my system is limited to the directory where the my program resides? =============== "C. Kevin Provance" <*@*.*> wrote in message news:u$%23RQ1GkKHA.5520(a)TK2MSFTNGP06.phx.gbl... > "David" <dw85745NOT(a)earthlink.net> wrote in message > news:uEgfKqGkKHA.5520(a)TK2MSFTNGP06.phx.gbl... > | I'm hoping a DLL wrapper may be my solution? > | > | Problem: > | If a third party DLL resides on your system, can that DLL be accessed > | remotely by the third party or call home when it wants? > | > | Answer > | Don't know. If it can do the above, would creating a DLL Wrapper solve > the > | problem? > | > > Why would you want to do this? It's malware/spyware functionality, and I > doubt anyone is going to give a step by step on how to do this (and if > they > do, shame on them). > > Perhaps you could clarify when exactly you want to do, there could be > other > less suspicious methods. > > If I am misunderstanding you, then I apologize up front for the confusion. > >
From: mayayana on 8 Jan 2010 10:29 > Problem: > If a third party DLL resides on your system, can that DLL be accessed > remotely by the third party or call home when it wants? > Not "when it wants". It has to be loaded by some process. But a process could load the DLL and use it "when it wants". Microsoft does that with their WGA spyware, calling home to check whether they still think your Windows install is "genuine". Other companies do it for auto-updating. > Answer > Don't know. If it can do the above, would creating a DLL Wrapper solve the > problem? > > If the DLL was contained within a directory that had no rights other > than to be accessed by the DLL Wrapper functions would this top access or > call home?. > If your process has rights then any other process with the same rights can load that DLL. It sounds like what you really need is a firewall...and maybe to figure a way to end your dependency on a sleazeball DLL. :) And as Kevin Provance said, you really haven't explained the issue enough to make it clear.
From: David on 8 Jan 2010 10:39
> Not "when it wants". It has to be loaded by > some process. I'm aware of this. My programs are loading and using the DLLs. See my post prior to yours for further info. "mayayana" <mayaXXyana(a)rcXXn.com> wrote in message news:uciGbcHkKHA.2132(a)TK2MSFTNGP05.phx.gbl... >> Problem: >> If a third party DLL resides on your system, can that DLL be accessed >> remotely by the third party or call home when it wants? >> > Not "when it wants". It has to be loaded by > some process. But a process could load the > DLL and use it "when it wants". Microsoft does > that with their WGA spyware, calling home > to check whether they still think your Windows > install is "genuine". Other companies do it for > auto-updating. > > >> Answer >> Don't know. If it can do the above, would creating a DLL Wrapper solve > the >> problem? >> >> If the DLL was contained within a directory that had no rights other >> than to be accessed by the DLL Wrapper functions would this top access or >> call home?. >> > > If your process has rights then any other > process with the same rights can load that > DLL. It sounds like what you really need is > a firewall...and maybe to figure a way to > end your dependency on a sleazeball DLL. :) > > And as Kevin Provance said, you really haven't > explained the issue enough to make it clear. > > > |