Why am I deleting these files


Posted

Hello,

I was told that the security regulations at my organization require me to delete the following files. I was curious if anyone could tell me why and possible consequences. Thanks for any help.

Delete:

ir : c:\winnt\inf
c:\winnt\inf\system32\drivers
c:\winnt\inf\system32\drivers\dllcache

netir : all directories
nscirda : all directories
Posix: all directories
os2 .exe: all directories
.ex_ : all directories

Guest Shenan Stanley
Posted

Mike wrote:
> I was told that the security regulations at my organization require
> me to delete the following files. I was curious if anyone could
> tell me why and possible consequences. Thanks for any help.
>
> Delete:
> ir : c:\winnt\inf
> c:\winnt\inf\system32\drivers
> c:\winnt\inf\system32\drivers\dllcache
>
> netir : all directories
> nscirda : all directories
> Posix: all directories
> os2 .exe: all directories
> .ex_ : all directories

Who told you this?

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html

Guest Special Access
Posted

On Thu, 12 Jun 2008 15:55:17 -0500, "Shenan Stanley" <newshelper@gmail.com> wrote:

>Mike wrote:
>> I was told that the security regulations at my organization require
>> me to delete the following files. I was curious if anyone could
>> tell me why and possible consequences. Thanks for any help.
>>
>> Delete:
>> ir : c:\winnt\inf
>> c:\winnt\inf\system32\drivers
>> c:\winnt\inf\system32\drivers\dllcache
>>
>> netir : all directories
>> nscirda : all directories
>> Posix: all directories
>> os2 .exe: all directories
>> .ex_ : all directories
>
>Who told you this?
>
>--
>Shenan Stanley
> MS-MVP

Most likely an over-anxious security person. Even DISA (used to secure Gov't computer systems) doesn't require you to delete all of those files. POSIX and OS2, yes... but not the rest, especially the dllcache directory!

Most security folks are of the mindset to eliminate any possibility of compromise. For example, I can take an ex_ file and expand it to allow me to use the exe that is being blocked by security settings elsewhere. This may be stopped by setting the security the same, but most security folks don't think that's enough of a prevention method. Protection in multiple layers, in case one layer is compromised there is another.

 

Mike
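
Added example (not part of any post in this thread): a Python inventory of the compressed files the reply above is talking about, so they can be reviewed before anything is deleted or re-ACLed. It relies on the SZDD header that Microsoft's compress.exe writes, which stores the filename character replaced by the underscore; the block list, file names and sample tree are constructed for illustration.

```python
import os
import struct
import tempfile

SZDD_MAGIC = b"SZDD\x88\xf0\x27\x33"  # signature written by Microsoft's compress.exe

def read_szdd_header(path):
    """Return (missing_char, expanded_size) for an SZDD file, else None."""
    with open(path, "rb") as fh:
        header = fh.read(14)
    if len(header) < 14 or header[:8] != SZDD_MAGIC:
        return None
    # Byte 8 is the compression mode, byte 9 the character the '_' replaced.
    missing = chr(header[9]) if 0x20 < header[9] < 0x7f else ""
    (size,) = struct.unpack("<I", header[10:14])
    return missing, size

def inventory_compressed(root, blocked_names):
    """Walk root and list compressed files (name ending in '_') with the
    name they would expand to, flagging names on the local block list."""
    blocked = {n.lower() for n in blocked_names}
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.endswith("_"):
                continue
            full = os.path.join(dirpath, name)
            hdr = read_szdd_header(full)
            if hdr is None:
                continue  # '_' suffix but not an SZDD archive
            missing, size = hdr
            expanded = name[:-1] + (missing or "?")
            findings.append({"path": full, "expands_to": expanded,
                             "expanded_size": size,
                             "blocked": expanded.lower() in blocked})
    return findings

def make_sample_tree():
    """Constructed sample: one SZDD header for 'tool.exe', one decoy."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "i386"))
    hdr = SZDD_MAGIC + b"A" + b"e" + struct.pack("<I", 4096)
    with open(os.path.join(root, "i386", "tool.ex_"), "wb") as fh:
        fh.write(hdr + b"\x00" * 16)
    with open(os.path.join(root, "notes.tx_"), "wb") as fh:
        fh.write(b"plain text, not compressed")
    return root

if __name__ == "__main__":
    for f in inventory_compressed(make_sample_tree(), ["tool.exe"]):
        print(f)
```

Entries with "blocked" set are the ones where an execution restriction on the .exe alone leaves a compressed copy behind; those are the candidates for removal or for the same ACL as the expanded file.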

  • 4 weeks later...
Guest Kevin Hatfield
Posted

Kind of funny though

He is correct - those directories are being deleted due to the high probability of being attacked by viruses/malware. The filenames are being deleted because they can either be manipulated or exploited. This seems a little paranoid..

Shouldn't actually hurt anything, though.

 


Guest Special Access
Posted

On Mon, 7 Jul 2008 14:20:52 -0500, "Kevin Hatfield" <khatfield@fedex.com> wrote:

You're only paranoid if the whole world ISN'T out to get you <grin>

Shouldn't hurt if you secure the directories from all but system and admin (read: remove EVERYONE group) as these are your "trusted" folks. Also helps if you are behind (multiple) firewall(s)

Mike

