Using TDS on Networks

Discussion in 'Trojan Defence Suite' started by Dan Perez, Apr 1, 2002.

Thread Status:
Not open for further replies.
  1. Dan Perez

    Dan Perez Guest

    It seems that some TDS users are unaware that the program can be used to scan across a network so this will serve as a "brief" set of steps to accomplish this. The description must necessarily be somewhat vague due to the variables introduced by the different OS's.

    1. Double-click on "Network Neighborhood" (or "My Network Places" depending on which OS you run)

    2. Either you see the computer that hosts the shared folder you want to scan (in which case you double-click on it) or you see an "Entire Network" icon which you should double-click on, and then you should click on the
    "entire contents" link, followed by double-clicking on the "Microsoft Windows Network" icon, followed by whatever workgroup or domain name grouping is shown til you see the individual computernames, where you double-click on the computer you wish to scan

    3. However you got to this point you should now be looking at the file shares of the computer "serving" the files. Right-click on whichever share you want and select "Map Network Drive"

    4. Assign it whatever drive letter you want

    5. From the TDS "Scan Control" button, select the "Disk/File Scan" option and press the ">" button and on the bottom-most drop-down menu select the drive letter you mapped the share to in the previous steps.

    If you know the computer name and share name you want to connect to, a much simpler connection method would be to go to a command prompt and type

    net use f: \\server\share

    where 'f' is the drive letter you want assigned
    'server' is the computer name sharing the files
    'share' is the share name on that computer

    if the serving computer is NT/2K or XP (and you know the Administrator password) you have an even simpler and more comprehensive solution

    net use f: \\server\c$

    which maps to the hidden administrative share (the entire C drive of the remote system). This line can be modified to include other logical drives on the system. Also, this method can be used even if there is no other sharing provision made for that system as these hidden administrative shares are created by default.

    Hope this helps and I hope people will correct me if I slipped any steps or made false assumptions.

    BTW, I have done network scanning on Windows shares and Novell shares without any issues whatsoever. I have not yest done it on *nix samba shares but I expect that would work fine as long as samba is set up correctly

    Dan
     
  2. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    In TDS after the network is set up and shared just "scan all logical drives" and the whole network is scanned without any problem.
    Thanks for the network set up explanation :)
     
  3. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Excellent tips there Dan! One thing I think you missed however is that Scan Control directly supports UNC paths, so you can go into Scan Control and tell it to scan "\\server\volume\directory", this way you don't need to have the path mapped. :)
     
    Best regards,
    Wayne
     
  4. Dan Perez

    Dan Perez Guest

    Cool! Thanks Wayne & Jooske.
     
  5. PJunggren

    PJunggren Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    1
    Location:
    Rye, New York
    But as far as I know, the network scan will not scan remote memory or process list.  Is this correct ?

    Regards,
    Peter
     
Thread Status:
Not open for further replies.