Are there known methods to bypass foolproof

[Arminnius]

At school I am a computer technician and we may have a problem with certain student bypassing our security. There are several methods which we are aware of however due to other circumstances and evidence we had to rule them out. What other methods are the of cracking/bypassing foolproof. I am not asking how to only what methods can be used (ie: startup disks etc.) I will look into it and see what may have happened. Also over the summer we may be changing to another system as foolproof has been giving us compatibility problems, any suggestion, deepfreeze?

[str34m3r]

Well, perhaps if I could understand your question a little better I could attempt to help. Slow down and try to ask your question in a more organized manner.

Edit: bypassing foolproof what?

[Arminnius]

My apologies

At the lab we run the security program "foolproof" (version 4 i think) by smartstuff http://www.smartstuff.com/fps/fpsinfo.html
the computer run win 98 se

We believe a student was able to trash/crack foolproof and then access the registry and cause chaos.

we had spyware in place to review later what was done however we were not able to return to windows and were forced to format.

I am aware of that a bot disk can be used to delete certain files that prevents the program from running however the floppy drive on this particular computer was not working at the time (jammed with another broken floppy)

the same thing can be done with a cd if you change the settings in bios

apparantly (i have however not confirmed) it is also possible to disabe it from safe mode but we have evidence that the student never went into safe mode.

i was wondering if there were any other such methods of either disabling or entirely trashing/cracking this program

i hope this post is clearer and again my apologies for the original mess

[ammo]

This might not be a satisfying anwser for you but here are my 0.02$:

Win95, 98, Me, have no security builtin at all. It's VERY hard (I'd personnaly say impossible) to keep users from messing with the system. I haven't tried such security programs but I've heard good about Deepfreeze (which ensures the system always boots like new but doesn't prevent users from doing stuff ). The thing is, most security programs for win9X, can be screwed with through the registry (MS's poledit (security policies) for example are only registry keys that tell windows what to allow) but anyone can pretty easily modify the registry.

The ideal solution is to run NT4 or W2K with NTFS partitions and proper permissions set. NT4 and W2k can also have permissions set on registry keys (regedt32.exe). W2K with Active Directory is also quite cool with the group policies which allow you to manage a whole domain at the domain controler...

Ammo

[Snake_Byte]

for get all of that all you have to do is bring up the dos prompt cd to the food proof directory and delete it

[jaguar291]

My advice: get Win NT.

Jaguar291

[Ratman2]

My.02
I know someone that is a special Ed teacher at a school in Florida (not gonna say where because the security over there is HORRID). in his classrom there are 3 boxes. One box is 95 (yes, 95) one is 98 and the other is 2k. He had suspected that the kiddies were screwing around, then one day after sachool started he cought one of them with a Napster Client. Furher investigation revealed that this student had had 40 MP3's on the HD. School security can be HORRID. GET 2000 OR XP PRO

[Tedob1]

the best way to prevent things like that from happening again is for the school to expell this student permanently and bill his parents for damages, press charges if they don't pay.

quess you didn't back up anything, reg files?! maybe?...nothing!

i think you said you couldn't recover logs of the incident because you had to reformat...who in hell is in charge of your operation.

nobody tried a boot disc to get these files? reg dosn't affect that.

your story's not holding a whole lot of water! unless im just not understanding.

[Ratman2]

Originally posted here by Tedob1
the best way to prevent things like that from happening again is for the school to expell this student permanently and bill his parents for damages, press charges if they don't pay.

quess you didn't back up anything, reg files?! maybe?...nothing!

i think you said you couldn't recover logs of the incident because you had to reformat...who in hell is in charge of your operation.

nobody tried a boot disc to get these files? reg dosn't affect that.

your story's not holding a whole lot of water! unless im just not understanding.

I find that most sysadmins that work in schools can be idiots (no offense to the thread starter). so they may have just reformatted off the cuff (which was a bit stupid IMHO). I've also had the pleasure of working with some good school sysadmins

[PastyPyro]

Maybe you should use some form of Linux (that would keep the kiddies tryin to get in busy for a while). Most know nothing but windows. As for Foolproof, theres a couple ways to remove it, and even get the password for it. A method for getting the password would be starting the computer up using selective startup (Hold Shift while booting), install a keylogger, and while you're at it screw something up. Then restart the computer with foolproof and the keylogger running. Pretty sure you can figure it out from there. Another method would just be deleting the SSS directory with DOS. Foolproof is a crappy excuse for security.