Winzapper (original) (raw)
Winzapper is a freeware utility / hacking tool used to delete events from the Microsoft Windows NT 4.0 and Windows 2000 Security Log. It was developed by Arne Vidstrom as a proof-of-concept tool, demonstrating that once the Administrator account has been compromised, event logs are no longer reliable. According to Hacking Exposed: Windows Server 2003, Winzapper works with Windows NT/2000/2003. There is also an unrelated trojan horse by the same name.
| Property | Value |
|---|---|
| dbo:abstract | Winzapper is a freeware utility / hacking tool used to delete events from the Microsoft Windows NT 4.0 and Windows 2000 Security Log. It was developed by Arne Vidstrom as a proof-of-concept tool, demonstrating that once the Administrator account has been compromised, event logs are no longer reliable. According to Hacking Exposed: Windows Server 2003, Winzapper works with Windows NT/2000/2003. Prior to Winzapper's creation, Administrators already had the ability to clear the Security log either through the Event Viewer or through third-party tools such as . However, Windows lacked any built-in method of selectively deleting events from the Security Log. An unexpected clearing of the log would likely be a red flag to system administrators that an intrusion had occurred. Winzapper would allow a hacker to hide the intrusion by deleting only those log events relevant to the attack. Winzapper, as publicly released, lacked the ability to be run remotely without the use of a tool such as Terminal Services. However, according to Arne Vidstrom, it could easily be modified for remote operation. There is also an unrelated trojan horse by the same name. (en) |
| dbo:wikiPageID | 13410249 (xsd:integer) |
| dbo:wikiPageLength | 3866 (xsd:nonNegativeInteger) |
| dbo:wikiPageRevisionID | 1060218461 (xsd:integer) |
| dbo:wikiPageWikiLink | dbr:Hacking_tool dbr:Terminal_Services dbr:Windows_2000 dbr:Windows_NT_4.0 dbc:Computer_security_software dbr:Event_Viewer dbr:Trojan_horse_(computing) dbr:Booting dbr:Freeware dbr:Microsoft dbr:Security_Log dbr:Undelete dbr:Clearlogs |
| dbp:wikiPageUsesTemplate | dbt:Reflist |
| dct:subject | dbc:Computer_security_software |
| gold:hypernym | http://dbpedia.org/resource// |
| rdfs:comment | Winzapper is a freeware utility / hacking tool used to delete events from the Microsoft Windows NT 4.0 and Windows 2000 Security Log. It was developed by Arne Vidstrom as a proof-of-concept tool, demonstrating that once the Administrator account has been compromised, event logs are no longer reliable. According to Hacking Exposed: Windows Server 2003, Winzapper works with Windows NT/2000/2003. There is also an unrelated trojan horse by the same name. (en) |
| rdfs:label | Winzapper (en) |
| owl:sameAs | freebase:Winzapper wikidata:Winzapper https://global.dbpedia.org/id/4x6qF |
| prov:wasDerivedFrom | wikipedia-en:Winzapper?oldid=1060218461&ns=0 |
| foaf:isPrimaryTopicOf | wikipedia-en:Winzapper |
| is dbo:wikiPageWikiLink of | dbr:Proof_of_concept dbr:Windows_Security_Log |
| is foaf:primaryTopic of | wikipedia-en:Winzapper |