Windows Standalones

View Poll Results: Buy The System And.....

Voters
8. You may not vote on this poll
  • If it works leave it...

    1 12.50%
  • If it doesn\'t work install windows...

    0 0%
  • If it doesn\'t work install linux...

    7 87.50%
  • Don\'t be a moron... Just forget about it...

    0 0%
Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Windows Standalones

  1. #1
    Junior Member
    Join Date
    Jun 2002
    Posts
    3

    Post Windows Standalones

    Making Login name and Password entry a mandatory.

    Hi all

    As all know Windows maintain profile concept. A profile (\WINDOWS\PROFILES\USERNAME) will be created. The use can customize the desktop, start menu and programs etc. User profile gets loaded when the correct username and password is provide during login else, default profile gets loaded. If ESC key is pressed windows leads to default profile.

    Windows 9x, ME, 2K standlone versions bypass login dialog. Anyway the use can access system files and folders and other stuff. I am writing a program (a login dialog) where the username and password is mandatory. If a user clicks cancel, windows gets shut down. I am doing groundwork.

    Do let me know the option to be given with RUNDLL32.exe
    Cybor - The Cyber Organism

    [gloworange]Stay Connected.[/gloworange]

  2. #2
    Senior Member
    Join Date
    Jan 2002
    Posts
    883
    Thats all well and fine. But, and a big but at that. Anyone that can use DOS could still bypass your login in 9X and ME. If it's FAT32 it can be accessed from a boot disk and files can be copied, moved or deleted etc...

    In Win2000 though. You can use your admin tools and force users to ctl, alt, del to login.

    You can always remove the floppy access or password the bios. But these can be bypassed as well. Encryption is your best bet. Even though I have my systems secured a way can be found in if someone tried hard enough. So anything I don't want anyone to have, I encrypt it and mack an encrypted copy to cdr in case something happens to the machine.

    Good luck though. I admire your initiative.......


    PS: As far as the profiles in Win9X. You can use a startup disk and boot to DOS then navigate to the appropriate directory and delete the .pwl file and boom. The profile passwords are gone. Yes this works with me also with many widely available custom boot disks.
    The COOKIE TUX lives!!!!
    Windows NT crashed,I am the Blue Screen of Death.
    No one hears your screams.


  3. #3
    Junior Member
    Join Date
    Jun 2002
    Posts
    6

    Question



    I use a smart card reader to encrpyt my files on XP. None of my system will work without the smartcard, if it's removed then the system goes into hibernate and so cannot be accessed... [Disable the Power button, and you're away! I know that you can get a pre-boot initialising encryption system [Win 9x etc.. being DOS based, not hard to do...] As for encryption, Steganos Security Suite [ http://www.steganos.com/./en/ ] will do on the fly encryption and steganographic disguising... [Hiding files in other files.]
    I've used it, and found it to be superb.

    Maybe someone can recommend a better system...

    Hope this gives some ideas! Good luck!

    \"The universal aptitude for ineptitude makes any human accomplishment and incredible miracle...\"

  4. #4
    Banned
    Join Date
    Mar 2002
    Posts
    594
    Originally posted here by {PP}Apocalypse
    PS: As far as the profiles in Win9X. You can use a startup disk and boot to DOS then navigate to the appropriate directory and delete the .pwl file and boom. The profile passwords are gone. Yes this works with me also with many widely available custom boot disks.
    Can't that be done in Windows 2k and XP also?

  5. #5
    Junior Member
    Join Date
    Aug 2001
    Posts
    23
    Well, as good an idea as it is, if your that worried about a stand alone system why not simply stick a CMOS password on it? It dosent look as pretty as a Windows GUI user/pass, but its probably more effective. Not much you can do to bypass that one, short of opening the case, removing the battery, blah blah.

  6. #6
    Junior Member
    Join Date
    Jun 2002
    Posts
    6

    Question



    With Xp, I have found that with the NTFS file system, you need a specific NT boot disk, so I expect there is software that will allow pre-OS control, but I haven't come across it yet. 2000 being NT based, too, the NTFS problem comes up again. If you have XP in FAT32 [or 64] mode then a DOS boot disk will allow full access to the file system.

    Being a newbie, someone please do correct me if I'm wrong! This is what I am aware of so far...

    \"The universal aptitude for ineptitude makes any human accomplishment and incredible miracle...\"

  7. #7
    Senior Member
    Join Date
    Jan 2002
    Posts
    883
    Originally posted here by jaguar291


    Can't that be done in Windows 2k and XP also?
    No not with a DOS boot disk if it's an NTFS partition. Unless you have the commercial version of NTFS DOS. Available here:
    http://www.sysinternals.com/ntw2k/fr.../NTFSDOS.shtml
    However if you use limited accounts, force login, password complexity, minimum password length and use the NT encrypting file system (EFS). It's not as easy. Or if someone brute forces it remotely etc... As I said. With any machine given enough time and resources, can be broken into. Thats why I say use strong crypto, good pyhsical security, keep software and av up to date, long random charachter passwords etc... All it takes is someone to have a few minutes on your system and they can place a keylogger. They even have physical hardware keyloggers that will fit on your PS2 keyboard cable. So it takes a combination of a lot of things to be serious about security. This is what we as pro's have to stay vigilant for.

    In XP if you use FAT 32 instead of NTFS the ole' DOS disk will work....
    The COOKIE TUX lives!!!!
    Windows NT crashed,I am the Blue Screen of Death.
    No one hears your screams.


  8. #8
    Senior Member
    Join Date
    Sep 2001
    Posts
    1,027

    Re: Windows Standalones

    Originally posted here by Cybor
    Windows 9x, ME, 2K standlone versions bypass login dialog.
    This is (partly) wrong. You CANNOT bypass winlogon (msgina) on Win2000 nor NT even on a standalone workstation. You can, however, have w2k logon automatically as a common users, but it does not mean that winlogon can be bypassed.

    I do believe also that you can make loging on mandatory in 9x/me with sys polices (poledit) (for what it's worth)...

    As for the idea, well, I'm sure it's well intentioned, but I'd think it over again: do you think this will really bring you/others security? If you do, good for you go ahead... But IMHO, your idea is futile. Security must be thought at design time. It can hardly be patched on (we've already observed that time over time). This also means that if you go ahead with the idea, you must think of all the surrounding implications that might jeopardize your design... Not an easy task!

    Still, if you want to do this just to code something and learn, by all means proceed!

    Ammo

  9. #9
    Member
    Join Date
    Jun 2002
    Posts
    46
    i don't remember how but you can disable ESC in login process in registry, try to search about it. i already did that and it worked but in W9x/me you can always bypass the login in many ways.
    -Mamma... Mamma... I want to let school !!! - kid
    -Why my dear? - Mom
    -Because i heard in television that some guy was killed because he knew to much!!!-Kid

  10. #10
    Junior Member
    Join Date
    Jun 2002
    Posts
    6


    There is a program for all the Windows family including NT/2k and XP, called Secure Desktop.

    It does all, and, more of exactly the keystrokes you wish to disable at the registry level.

    I've no idea [except maybe certain websitez] where you can get it from, but this url is the program spec website: http://visualautomation.com/comprod/...6/secure_d.htm

    Take a look, it might be what you need....

    Sorry, don't mean to sound like an advertising agency! Just used the program, and it's pretty cool!

    \"The universal aptitude for ineptitude makes any human accomplishment and incredible miracle...\"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •