|
Re: Tracking Kazaa?
by arthas (Hermit) on May 20, 2003 at 20:54 UTC
|
By the way, you should probably use something like File::Find to traverse the entire directory tree of each machine's hard disk(s). As with almost every other program, the user can decide where to install Kazaa, so you shouldn't look only in the default location. ;)
Michele. | [reply] |
Re: Tracking Kazaa?
by crenz (Priest) on May 20, 2003 at 21:43 UTC
|
Why your code doesn't work
If all the machines have their C-Drive shared as c$ (and that's a big if, but I don't know your network, and then it's Windows' default sharename anyway), then you will have to escape the $, as in
"//$_/c\$/Program Files/KaZaA Lite/kazaa.exe"The rest doesn't need to be escaped.
Ways to improve your code
Using the same approach, but more clean code:
my %paths = ('KaZaA Lite' => 'c$/Program Files/KaZaA Lite/kazaa.exe',
'KaZaA' => 'c$/Program Files/Kazaa/kazaa.exe');
foreach (@machine) {
foreach my $key (keys %paths) {
print "Bah! Someone installed $key on $_!\n"
if (-e "//$_/$key");
}
}
Now, you can scan for additional files very easily, without changing too much of your code (only the hash at the beginning, actually).
Different approaches
You might consider running a portscan against these machines, focusing on ports that are known to be used by p2p software. Yes, it's not failsafe, but it helps. Most users will not bother to customize their install, I guess.
You might also consider scanning the whole network share for suspicious file names, in case the user installs the program in a non-standard location. | [reply]
[d/l]
[select] |
Re: Tracking Kazaa?
by zengargoyle (Deacon) on May 20, 2003 at 22:38 UTC
|
if they are your machines and you have administrator passwords you should skip the whole scan the filesystem thing and look for Kazaa* keys in the machines registry.
likewise if it's your network a machine sniffing traffic and logging ports (even inspecting packet data) will give better results. network traffic from P2P apps stick out like a sore thumb regardless of the ports they're configured for.
if you want to stop P2P, lock down the machines and take Administrator password away from users.
| [reply] |
Re: Tracking Kazaa?
by Paladin (Vicar) on May 20, 2003 at 20:50 UTC
|
You don't say what the code doesn't do that you are expecting it to, but in
"//$_/c$/Program Files/KaZaA Lite/kazaa.exe"
you probably need to escape the second $ as it's being interpreted as the variable $/. | [reply]
[d/l]
[select] |
Re: Tracking Kazaa?
by Jenda (Abbot) on May 20, 2003 at 21:12 UTC
|
What if they install Kazaa to a different location? I would definitely try to hide something I'm not supposed to have.
I don't know what port does Kazaa use but would not your firewall be able to tell you that computer X tries to use pert XX or just that it generates too much traffic?
Or maybe if you find out what port does Kazaa use you might try to connect to that port on all computers and if you do get a connection ...
Jenda
Always code as if the guy who ends up maintaining your code
will be a violent psychopath who knows where you live.
-- Rick Osborne
Edit by castaway: Closed small tag in signature | [reply] |
|
|
As with install locations, many programs allow users to change which port is used for communications. I'm not sure if Kazaa (evil evil program) allows such configuration, but it is most likely ;)
If the above content is missing any vital points or you feel that any of the information is misleading, incorrect or irrelevant, please feel free to downvote the post. At the same time, please reply to this node or /msg me to inform me as to what is wrong with the post, so that I may update the node to the best of my ability.
| [reply] |
|
|
If it allows them to select it can only allow them to choose from a list. It has to be able to connect to something outside. And I don't think the other party would listen on all ports.
Or maybe not. I never tried to use it. I know though a coleague here did and was soon blocked by our firewall.
Jenda
Always code as if the guy who ends up maintaining your code
will be a violent psychopath who knows where you live.
-- Rick Osborne
Edit by castaway: Closed small tag in signature
| [reply] |
Re: Tracking Kazaa?
by talexb (Chancellor) on May 20, 2003 at 20:51 UTC
|
- What do you expect this code to do? or,
- What is your definition of 'works'? or,
- How do you know that it is failing?
--t. alex
Life is short: get busy!
| [reply] |
Re: Tracking Kazaa?
by Popcorn Dave (Abbot) on May 20, 2003 at 21:03 UTC
|
| [reply] |
Re: Tracking Kazaa?
by ergowolf (Monk) on May 20, 2003 at 21:02 UTC
|
ANonymous:
"If you are running this on a Win32 system, then you might try doubling the forward slashes. if (-e "////$_//c$//Program Files//KaZaA Lite//kazaa.exe") { I had a similar problem with this. Cheers"
"//$_/c$/Program Files/KaZaA Lite/kazaa.exe"
you probably need to escape the second $ as it's being interpreted as the variable $/."
Thanks for the suggestion. It didn't seem to have an impact.
talexb:
"What do you expect this code to do? or,
What is your definition of 'works'? or,
How do you know that it is failing?"
The script shows every machine as not having Kazaa installed and I know several do. I want the program to accurately show who has kazaa installed.
Michelle:
"By the way, you should probably use something like File::Find to traverse the entire directory tree of each machine's hard disk(s). As with almost every other program, the user can decide where to install Kazaa, so you shouldn't look only in the default location. ;)"
My users aren't very smart. I think just looking at default locations will catch most of what i am looking for.
| [reply] |
|
|
> Michelle:
> ...
> My users aren't very smart.
Never understimate the smartness (or lack of) of your users. ;-)
By the way, I'm Michele with a single 'l', which is a male name in Italian.
Talk to you soon, Michele.
| [reply] |
Re: Tracking Kazaa?
by davis (Vicar) on May 21, 2003 at 11:23 UTC
|
| [reply] |
Re: Tracking Kazaa?
by Cody Pendant (Prior) on May 20, 2003 at 21:39 UTC
|
Like other monks, I think the methodology is kind of flawed here -- couldn't you track Kazaa by, uh, huge downloads?
--
“Every bit of code is either naturally related to the problem at hand, or else it's an accidental side effect of the fact that you happened to solve the problem using a digital computer.”
M-J D | [reply] |
Re: Tracking Kazaa?
by theorbtwo (Prior) on May 20, 2003 at 21:58 UTC
|
Irregardless of this working or not working, consider carefuly the security (or lack of same) implications of sharing the root of the c: drive, even as a "hidden" share. Constantly, we hear about viruses scanning for shares named c$, and attempting to infect those computers.
Instead of searching for Program Files/Kazaa on them, search for machines that have a //$_/c$/ share, and close them.
Warning: Unless otherwise stated, code is untested. Do not use without understanding. Code is posted in the hopes it is useful, but without warranty. All copyrights are relinquished into the public domain unless otherwise stated. I am not an angel. I am capable of error, and err on a fairly regular basis. If I made a mistake, please let me know (such as by replying to this node).
| [reply] |
|
|
C$ is an administrative share, meaning that anyone with administrative privileges on the box can browse the hard drive(s). Those shares are useful; I use the administrative shares all the time, but none of my users can access them. Of course, if you've got a virus running with superuser privileges you're in trouble anyway.
LAI
__END__
| [reply]
[d/l] |
Re: Tracking Kazaa?
by Anonymous Monk on May 20, 2003 at 20:49 UTC
|
If you are running this on a Win32 system, then you might try doubling the forward slashes.
if (-e "////$_//c$//Program Files//KaZaA Lite//kazaa.exe") {
I had a similar problem with this.
Cheers | [reply] |
