Hiding NTFS Files

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Hi, probably a silly question but I it possible to hide NTFS files?

By that I mean the files are in a shared area/Folder but hidden from view if any other user was browsing the same folder.

eg.

Shared area drive x:

user1.doc
user1.xls
user1.txt

user2.doc
user.xls
user2.txt

user3.doc
user3.xls
user3.txt

For example could user2 hide their files so they were not visible to user1 and user3?

The reason I ask is I have to check if anyone is hiding any files on a shared drive for a customer. The boss of this site is conviced they are, but won't go into detail about the details.... sounds a bit sinister to me.

I will have full admin rights to the share, the suspect user has only a standard user account with access to some sensitive company content.

This has really intrigued me, and I'm not sure how I would check.


Anyone come accross this before, anyone have any ideas how to approach this?

many thanks

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Just make hidden files viewable (open any folder - tools -> folder options -> View -> Hidden Files and Folders -> Show Hidden Files and Folders.

Also check permissions (Rightclick folder -> Security tab) and inherited ones too.

As far as I'm aware standard end users aren't able to restrict files/folders from other users outside of setting security permissions...

If you have full administrative rights then you should be able to see it all, just go digging. If said permissions screw up then replace ownership on the file/folder in question as your admin username (administrator/admin etc).

Hope this helps.

Qs

 

... or use attrib -h *.* command.

 

Of course, they could still use NTFS' alternate data streams to hide a file within another file though.

http://www.securityfocus.com/infocus/1822
not sure if that's the best explanation, was just first to pop up when I googled. The important info:

 

Thanks guys, I was going to start with show hidden files and folders, but I needed to check if i was missing something else.

There is a trick where you can put files in a folder and change the icon to a blank symbol but I think you need admin rights on the machine you are doing this on... and anyway the folder will be still shown if you list the directory via the command prompt.

Thanks again.

 

Missed this post (talking to the other half again)

Thanks, this looks very interesting. I'll give the article a read. Cheers