Stickies
« Stickies blacklisted »

Welcome Guest. Please Login or Register.
Jan 20th, 2018, 8:51pm


Click for the

Zhorn Software Web Site

Search Knowledge Base:

Search:
  All terms Any terms  

« Previous Topic | Next Topic »
Pages: 1  Notify Send Topic Print
 thread  Author  Topic: Stickies blacklisted  (Read 111 times)
abyss
New Member
Image


member is offline

Avatar




PM


Posts: 1
xx Stickies blacklisted
« Thread started on: Oct 13th, 2017, 5:18pm »

Hi,
I used Stickies for several years already. Few months ago I started to work in a company which recently started to blacklist Stickies as an insecure software.

Among others, here are some indicators pointed by our security department about Stickies: listening TCP port, hooks for SMTP/MAPI server connections, DNS/NetBios resolution calls with gethostbyaddr() function, putting scripts in Windows folder, etc.

I do not believe that there is any malicious intent behind such an activity, but it is a great pity that it prevents the use of Stickies within a corporate environment.
« Last Edit: Oct 13th, 2017, 5:52pm by abyss » User IP Logged

Tom Revell
Administrator
ImageImageImageImageImage


member is offline

Avatar




Homepage PM

Gender: Male
Posts: 3588
xx Re: Stickies blacklisted
« Reply #1 on: Oct 16th, 2017, 4:10pm »

Heh well I could name another app which does those things - it's called Outlook!

Of course, that's published, and signed, by a huge trustworthy organisation, and Stickies is not, so I do appreciate it's not the same thing.

It's every network administrator's place to safeguard their network, so I can't criticise your admin for being cautious. Sure, Stickies is perfectly safe, but then any malware author will tell you the same thing about their software, so how do you tell the difference?

Perhaps you could monitor the app to see when it establishes a listening IP port (and see whether it only does so when that feature is enabled). It doesn't "hook" SMTP or MAPI, but it does speak both those protocols. Sniff the network and see if the exe does anything you don't like. The installer puts a script into the system folder, yes, and it's so that I can get away without writing a proper uninstaller. That one is a bit poor form, but it's a very readable batch file.

Finally, there's the fact that today Stickies has its 18th birthday. What malware would still be around for that long?!

Tom
User IP Logged

Pages: 1  Notify Send Topic Print
« Previous Topic | Next Topic »

Donate $6.99 for 50,000 Ad-Free Pageviews!

| |

This forum powered for FREE by Conforums ©
Sign up for your own Free Message Board today!
Terms of Service | Privacy Policy | Conforums Support | Parental Controls