PDA

View Full Version : Alternate Data Streams


ndebord
September 9th, 2006, 01:31 AM
What are Alternate Data Streams? I gather it has to do with the NTFS file system, and since I went from W98se to W2000 and kept FAT32, that it is not something I should worry about. (saw something about how it was used to hide rootkit type stuff....)

<sigh>

Gary Maltzen
September 9th, 2006, 01:55 AM
What are Alternate Data Streams?Under NTFS a file can have several associated "streams". You used to be able to access the streams using filename:streamname (filename-colon-streamname); that generic access was blocked by a security fix when crackers started using streams to hide trojan-ware.

Googling "NTFS+streams" finds http://support.microsoft.com/kb/105763/