XXXXXXX XXXXXXX 20072007 MAMAMAMAXIMXIMXIMXIMXIMUUUUUMMMPPPPCCC 0000
NET NANNY
Will she stand firm against the
ruthless attacks of an unruly brood?Net Nanny ( $40/yr, http://www.netnanny.com )
blocks all the obvious unwholesome
website content by default: pornography,
gambling, violence, drugs, etc.
First up against the app was the
Crusader, who was so sure of Net Nanny’s
ineffectiveness that he predicted a two-
minute turnaround time. By the 15-min-
ute mark he had succeeded in fi lling the
administrator’s inbox with alerts of his
attempts to enter My-sexylingerie.com,
Moviepoopshoot.com, and other sites
unspeakable. Undaunted by the ridicule of
the administrator and his peers, he turned
to Torpark. By downloading the browser,
he was able to completely bypass the soft-
ware’s blocks. For many a kid, this would be
enough, but should Torpark’s slow surfi ng
speed prove unsatisfactory, there’s recourse:
The Crusader stayed on just long enough to
search for tips on disabling the software. As
instructed, he killed the cwsvc.exe service
and disabled cwtray.exe from running at
startup; he then used an app he found on
Google (LSPFix) to disable the cwalsp.dll
embedded in Winsock. A quick reboot hadhim in the porn, with nary a mention of the
violation in the app’s web report.
The Upstart thought like a 14-year-
old and channeled his destructive inner
child. He opened the Net Nanny folder in
Program Files, then fi red up the Windows
Registry Editor and expunged all men-
tion of Net Nanny’s executables from the
registry. Following that, he deleted the Net
Nanny folder itself and restarted the com-
puter. The downside is that Windows failedto load, so he may have been too trigger-
happy, since he nuked the entire OS in the
process. Parents, take this as a warning to
back up your data!
The Old-Timer was at the machine for
no more than six minutes before he handed
it back to the administrator with several
naughty screen captures and an innocent-
looking web report. His trick was a cunning
one that would pay off big in the remaining
tests: The Old-Timer explained, “As an avid
reader of the many books written about
Kevin Mitnick, I’ve learned that the social
hack is far, far more powerful than any
technical hack. Since our rules of engage-
ment didn’t specify that we couldn’t use a
USB key, I simply went to another machine
(any 14-year-old on the planet has access
to the Internet outside his or her domicile),
visited several restricted sites, and saved
my proof fi les to the key as well as a copy
of Ardamax Keylogger Lite—a free keylog-
ger available on the Internet.... Once the
administrator checked the web report,
which was, of course, clean, I waited for
her to step away from the test machine,
pulled up the keylogger, and jotted
down her password. From there
I had free rein to do what I
wanted. It was that simple.”PC TATTLETALE
Can our editors stick a sock in the
mouth of this software snitch?PC Tattletale ( $50/yr for two PCs, http://www.
pctattletale.com ) takes an entirely different
approach to online monitoring. It dispens-
es with keywords and fi lters and simply
records every single thing a user does
on the computer—every website visited,
every email sent, every keystroke entered.
In other words, it’s a keylogger.
Determined to redeem himself, the
Upstart went fi rst and took just 20 minutes
to acquire proof of his untoward online
activities yet left no evidence whatsoever
in the software’s log. True, the complete
absence of any logged online activity
was itself suspicious but certainly not
proof of anything illicit. His method? The
Upstart explains: “I used Internet Explorer
to see where the administrator had beenprior to giving me the laptop, which was
PC Tattletale’s website [the source of
the download], and which happened to
include info about what the program does,
and even the Ctrl + Alt + F5 key combina-
tion one needs to access the administra-
tive options.
“The executables were hidden in
the Windows Directory in a folder called
‘Explorer32.’ Crafty. Since PC Tattletale
keeps detailed logs of all the sites you visit
and keys you press—including screen-shots taken every few seconds—a simple
Windows search for fi les created that day
revealed the litany of logs. And from there,
the location of the program itself was
revealed!
“Having learned my lesson with Net
Nanny, I let PC Tattletale do its thing.
I surfed for all the porn I could get my
hands on, then disabled the PC Tattletale
process (to stop those damn screen-
shots), deleted said screenshots, nuked all
the logs, and prepared to tell ‘mom’ I had30 MAXIMUMPC JULY 2007
The first hour or so with Net Nanny
taught one editor everything he could
possibly want to know about a certain
Pacific seabird.It’s one thing to create a phony log to mask naughty net surfing, but c’mon!MPUNLOCKED!MAXIMUMPC
CHALLENGEANOTHER