Dangerous things

Last week we discussed changing the Windows XP logon screen and mentioned in passing a tool called ResHacker for editing the resources in a file (which is essentially what you do when you modify the logon screen.)

This, we shall reiterate, can be dangerous because messing around with resources in Windows system files is not something that you should be doing without a serious clue.

But we found an even better (although admittedly not free) resource-editing tool for extracting, replacing and doing other exciting things with images, icons, dialogs, menus, and text in executables and Dynamic Link Libraries. The tool is Restorator published by Florian Bome.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Last week we discussed changing the Windows XP logon screen and mentioned in passing a tool called ResHacker for editing the resources in a file (which is essentially what you do when you modify the logon screen.)

This, we shall reiterate, can be dangerous because messing around with resources in Windows system files is not something that you should be doing without a serious clue.

But we found an even better (although admittedly not free) resource-editing tool for extracting, replacing and doing other exciting things with images, icons, dialogs, menus, and text in executables and Dynamic Link Libraries. The tool is Restorator published by Florian Bome.

Restorator stands out because it has a really good user interface complete with drag-and-drop features. It sports a built-in file system viewer (sort of Windows Explorer-like) and can open multiple files simultaneously, which lets you drag resources from one file to another. How cool is that?

It can display resource items in their default mode (images as images, text as text, and so on) or in hexadecimal mode. There are built-in editors for text, menus and dialogs. This latter facility is interesting. Say you have a program with a dialog box and you don't like where they have placed the OK button. Depending on how the application was engineered, using Restorator you might be able to move the button to where you would prefer it.

There's a lot more to Restorator, including a patch distribution tool, the ability to edit resources in files that are in use (thanks to Windows architecture a restart is required), and support for command-line operation for use in batch mode. Check out the full feature list. This is an excellent utility and at $70 is well worth the price.

Our second item this week focuses on a couple of more dangerous things: Instant messaging (IM) and peer-to-peer file sharing. The problem with IM and peer-to-peer use is that they have to be treated with the same degree of seriousness as e-mail. This means that you need to control who can use the services, and with whom they can connect. The trouble is that many companies as of yet have little or no handle on the scale of IM or peer-to-peer use in their company.

We heard about some tools at the recent Network World Messaging and Spam Technology Tour that are definitely worth checking out to see what might be going on with IM in your organization. The tools are MSN Sniffer ($79), AIM Sniffer ($99) and ICQ Sniffer ($69) from EffeTech, which, respectively, monitor MSN, AIM and ICQ conversations on your network.

The interface to AIM Sniffer consists of a pane showing a list of AIM users who are visible on the network and their buddies, and direct AIM connections in another pane.

When you select an item in either of those panes, a third pane shows the message traffic between the associated AIM conversation. You also can export the conversations in HTML files.

Try out this tool and its siblings for MSN and ICQ on a PC attached to the Internet connection for your organization so you can assess how much IM traffic is going where. You might be shocked. If you are, check out Akonix, which specializes in IM and peer-to-peer communications management. Its offerings are enterprise scaled and the company was the Network World Clear Choice Test winner for IM management in a recent test.

At one of the tour events, we had a Wi-Fi connection and in an idle moment we ran AIM Sniffer. Wow. Of course, MSN, AIM and ICQ traffic isn't encrypted so we saw all of the conversations that were underway. Nothing juicy was going on but it was revealing to see the traffic from a couple of attendees as well as from someone nearby in the hotel.

According to Dmitry Shapiro, CTO of Akonix, this exposure of traffic is a risk the companies should take more seriously. He tells the tale of the executives at Disney who were heavy AIM users. To transfer messages AIM uses centralized servers, which are, of course, owned by AOL. AOL and Disney are competitors so for Disney to route unencrypted executive messages via AOL's servers was, to say the least, a bad idea.

The question is what dangerous things might your people be doing with IM and peer to peer that you might rather they didn't?

When you find out spill the beans to gearhead@gibbs.com.

Read more about software in Network World's Software section.