-
June 16th, 2003, 05:06 PM
#1
Senior Member
bypassing user permisions?
Hey everyone,
I haven't posted here for a while, but I was just wondering....on a linux or windows 2000 (or any other multi-user OS), is it possible for a normal user to install a program to read raw disk sectors to bypass any security protecting files on the OS?
Either get busy living or get busy dying.
-The Sawshank Redemption
-
June 16th, 2003, 05:23 PM
#2
Member
Of course there are ways to bypass certain security files but they will always be 'protected' by the SAM. The reason that it is basically impossible to tap 'files' is because the SAM on windows 2000 marks just about everything with a 'user ID'. Also, trying to manipulate (with disk sector software/command prompt ) the SAM would disable your system. Trust me.
I'm not sure about LINUX. I assume you probably could.
Scatman
If the scatman can do it so can you.
-
June 16th, 2003, 05:44 PM
#3
If the user can boot the system from a floppy they can change the passwords, that bypasses everything...
Quis custodiet ipsos custodes
-
June 16th, 2003, 06:03 PM
#4
Originally posted here by R0n1n
If the user can boot the system from a floppy they can change the passwords, that bypasses everything...
This is true, the easiest and most dangerous exploits in Windows are local(someone sitting in front of you computer) A bootdisk with ATTRIB on it can let you in to any Windows box. Remotely, it is far more difficult to break in to an NTFS system with well chosen passwords and maybe a router or firewall.
-
June 16th, 2003, 06:35 PM
#5
Junior Member
Just wondering, is there any other way you can bypass if you dont have the boot disk.
my life
-
June 16th, 2003, 07:01 PM
#6
Hey everyone,
I haven't posted here for a while, but I was just wondering....on a linux or windows 2000 (or any other multi-user OS), is it possible for a normal user to install a program to read raw disk sectors to bypass any security protecting files on the OS?
No, of course not.
A normal user can install the program to read raw disk sectors, but it won't work unless you're Administrator (or root, or similar).
Like other posters said, with the ability to boot off an alternate source (CD, floppy etc), an attacker can read any file on the disc which isn't encrypted (*and* plant a keylogger or trojan to get at the encrypted stuff)
Unlike what the other posters said, NTFS does not make it significantly more difficult to read (or write) protected files - many tools are available. It will only stop the most l4m3 script kiddies (and not even that is guaranteed)
The trick is to ensure that users cannot bypass the normal boot process
- Password protect the bios setup
- Boot from the HD only
- Password protect the bootloader (where necessary - for example lilo)
- If physical security is a real problem, put the machine in a locked box.
finally
- Never log on to a workstation in an unprotected physical location with a network admin or any other kind of privileged account
Because if the machine was compromised, it could have a keylogger on.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|