Remember I wrote this a long time ago, and programming is not my thing, so it is full of bugs ( for example, the big fixed array resulting in overflow). Regardless it is only a proof of concept.
Use:
An application like this is especially useful in an enterprise or large network to protect against attacks either pro-actively or reactively by a large network of security researches, such as say AV. If these can be pushed out in an environment with an imminent threat, machines with the file and mutex's in place might be prevented from infection due to the worms or threats on mechanism to prevent multiple copies.
This concept also includes a file locker. The entire PoC sits on a service, which reads off a list of files containing the strings, but the idea is that the list of file and mutexes are administered by a server, gets pushed onto the Synchrolock agents, and are replicated onto machines for protection.
Architecturally, Synchrolock consists of 3 components
- The service
- Mutex Lock
- File Lock
It creates an output of the log file containing errors, which should be audited.
Ok enough, The code follows in the next 3 entries.
No comments:
Post a Comment