UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

UGN Security Store
 

Network Sites UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
Sponsored Links
Latest Postings
Latest Reviews
Topic Options
Rate This Topic
#4426 - 04/09/03 10:28 PM Tech question for possible reward if answered
blackhawk625 Offline
Junior Member

Registered: 04/09/03
Posts: 3
Loc: Atlanta
Anybody ever heard of programs like Computrace, Ztrace, PcPhone-Home? You guys know what I'm talking about...That software they load on notebooks that sniffs out your IP and so the cops come rolling into your driveway after you've made off with your works laptop. Yea, i've reformatted the hard drive but it says on most of their websites this isnt going to cut it, so if you guys know of any programs/software/operations I could preform to pull this shit out of the anals of my newly acquired notebook...it would be very helpful. Tell me something worthwhile, or better yet send me some progs and I might just send you a check.

thanx,

Justin
[email protected]
or on AIM at blackhawk625b

Top
Sponsored Links
      
#4427 - 04/09/03 11:01 PM Re: Tech question for possible reward if answered
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7193
Loc: Portland, OR; USA
Format it, run "BestCrypt" at a 7 pass DoD standard wipe, format again, it should cover it, if you're overly paranoid, repartition the hard disk, it may have a hidden partition like most laptops have for "restoration".

where's my reward?
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#4428 - 04/11/03 06:56 PM Re: Tech question for possible reward if answered
Chem Offline
UGN News Staff

Registered: 10/13/02
Posts: 364
Loc: Vagabond (Location Differs)
Hmm, what state are you in?
and or country?
_________________________
C++ Should Have Been Called "D"

Top
#4429 - 04/12/03 02:27 AM Re: Tech question for possible reward if answered
jonconley Offline
UGN Super Poster

Registered: 10/08/02
Posts: 955
Loc: Merrill, IA, USA
If you can find out what IPs it reports to, you can just block or add them to your HOST file. Also, post them here, it would be helpful to other kleptos.

Also, if you are that paranoid, take it to a used computer part store and sell the HD and get a new one.

Top
#4430 - 05/19/03 01:25 PM Re: Tech question for possible reward if answered
papakf Offline
Junior Member

Registered: 05/18/03
Posts: 3
If the offending program is on the hard drive (as opposed to the bios) it may simply be on a seperate partition on the hard drive. Use something like delpart or fdisk to delete all the partitions and then create a new partition and format it.

Top
#4431 - 05/19/03 01:26 PM Re: Tech question for possible reward if answered
papakf Offline
Junior Member

Registered: 05/18/03
Posts: 3
If the offending program is on the hard drive (as opposed to the bios) it may simply be on a seperate partition on the hard drive. Use something like delpart or fdisk to delete all the partitions and then create a new partition and format it.

Top
#4432 - 05/29/03 10:46 AM Re: Tech question for possible reward if answered
Soren Offline
Junior Member

Registered: 05/29/03
Posts: 1
Well, if you are dedicated to do this (we know it's your personal system right?) then you need to find out the make and model of the drive. Go to the drive manufacturer, not the laptop manufacturer's, site and get the drive specs and datasheets. In these docs you will find information on "Low Level Formating" the drive. Do this, make sure it formats the same numbers of blocks/sectors as the spec sheet says the drive has and - voila! Brand new clean drive. Also, some systems use a bios-triggerd system to send the data. On some of those systems, you can re-flash your bios with a compatible bios of the same type, without the protection.... Good Luck....

Soren

Top
#4433 - 05/29/03 12:18 PM Re: Tech question for possible reward if answered
pergesu Offline
UGN Elite Poster

Registered: 03/14/02
Posts: 1136
Loc: Pimpin the Colorizzle
Whoa, Anarchy? Moved to General

Top
#4434 - 05/31/03 02:06 AM Re: Tech question for possible reward if answered
§intå× Offline


*****

Registered: 12/03/02
Posts: 3255
Loc: Maryland
Computrace plus
http://www.computrace.com/public/products/computraceplus/whitepaper.asp#

It seems Computrace is started when the BIOS is run. The URL takes you to a page where you can request a whitepaper on the risks in using Pre-boot authentication. This might be a solution for you.

http://www.ztrace.com/zTraceGold.asp

ZTRACE GOLD is undetectable and unerasable on a laptop's hard drive. The computer completes a handshake with the ZSERVER at every Internet connection. If the laptop is reported missing, a patent pending process occurs for the ZTRACE Recovery Team to identify the computer's exact physical location. The ZTRACE Recovery Team coordinates with local law enforcement for a completely outsourced recovery solution; the entire tracing and monitoring service resides with ZTRACE. For enterprises, ZTRACE GOLD provides a flexible solution that can be managed internally by an organization's own internal security department or outsourced with the ZTRACE Recovery Team.

I am not the worlds best with hardware/firmware. Can software be writen to lock sectors on the harddrive so even a low level wipe dose not clear them? I have heard something about this a while back. I think it was AOL actualy I heard this about. Locking HD block/sectors might want to look into that.


http://www.pcphonehome.com/product.html

Cannot be removed via normal format and fdisk commands. Compatible with Windows 95/98/ME/NT/2K/XP


So there it is. Kill winblows and install Linux or BSD and home free. All of these of course rely on you connecting to the internet. Soooo Do not connect to the net till you are sure it is safe. Do not use Windows OS, Do not ever connect to the net from home. heh, have fun with your new toy. You could get a wireless nic card and connect in star buck and around offices using wireless lan's. You might need (I think it is air snort???)


You should kill windows. All of these seem to use windows. I doubt re-partioning would work, I know you can hide stuff from format, but low level wipe? Not sure on that. If you wipe and are truely paranoid used the 37 time wipe feature. It will be one step above paranoid DoD 7 time wipe on BcWipe

http://www.jetico.com/home.htm
_________________________
My New site OpenEyes

Top
#4435 - 05/31/03 02:15 AM Re: Tech question for possible reward if answered
§intå× Offline


*****

Registered: 12/03/02
Posts: 3255
Loc: Maryland
Not sure if you can but you might want to check these patents.

Trademark Office and 1 by the U.K. (GB2338101) for the Computrace Technology Platform. U.S. patent #6,244,758 covers an apparatus and method for monitoring electronic devices via a global network (including the Internet). U.S. patents #5,715,174 and #5,764,892 cover technology for locating an electronic device through the telephone network via a series of wired and wireless communication. U.S. patent #5,802,280 addresses an electronic device for sending signals to a remote station, such as a pre-determined telephone number at spaced-apart intervals of time. Several additional U.S. software patent applications are pending approval.


Z-trace is partners with HP and compaq. YOu just might be able to call them up and SE some useful info out of them.. example, "I bought this at an IT function and the guy siad he couldn't figure out how to get it off. He said it came with the machine. I want to remove it...."


One of the FAQ's from Z-trace's web site

5. Can zTrace be operational on a dual-boot system?
Yes when used with one of the Windows Operating Systems listed above.

/me wispers kill windows


12. How do I report my computer stolen to activate tracking?
You can report the theft by e-mail, telephone or fax, whichever is most convenient for you: call the toll-free number: (877) zTrace-2; send an e-mail to [email protected], or a fax to (617) 507-6489.


16. Can the user hear the modem when zTrace makes a call?
No - The modem speakers are turned off during the call.


pfft, just read here

http://www.ztrace.com/FAQ.asp#5
might be useful

Number 19. Read number 19 and come up with a good SE. If you work for a smaller company and know who installed this stuff then try to think what they might have set as a password..
_________________________
My New site OpenEyes

Top

Moderator:  Infinite 
Featured Member
Registered: 08/22/14
Posts: 1
Forum Stats
2148 Members
46 Forums
35207 Topics
70377 Posts

Max Online: 1567 @ 04/25/10 05:20 AM
Top Posters
UGN Security 28369
Gremelin 7193
§intå× 3255
SilentRage 1273
Ice 1146
pergesu 1136
Infinite 1041
jonconley 955
Girlie 908
unreal 860
Newest Members
Tim050, Gecko666, defghi795767, Devo60, ali
2148 Registered Users
Who's Online
0 registered (), 434 Guests and 275 Spiders online.
Key: Admin, Global Mod, Mod
Latest News


Donate
  Get Firefox!
Get FireFox!