Results 1 to 8 of 8

Thread: Making the Win9x/ME login more secure(sort off)

  1. #1
    Senior Member
    Join Date
    Jun 2003
    Posts
    772

    Making the Win9x/ME login more secure(sort off)

    Making the Win9x/ME login more secure(sort off).
    --------------------------------------------------------------

    This "securing" is lame but I don't think you can make Win9x/Me
    login more "secure", heck if you want a secure loginsystem you
    just don't use Win9x/Me.
    Hope this isn't a piece of crap, as it is my first tutorial and English is not my native language.

    Important:
    -You cannot make the Win9x/ME login system secure, but you can stop ordinary users from bypassing the login system.
    -Watch out when editing the registry, you can cause problems that may require to reïnstall your operating system.
    If everything is done correctly there shouldn't be any problems.

    1. Force users to logon

    Normally you can just press "Cancel" when the Logon box appears and access the computer. This registry edit will logout the user if the user clicks cancel.

    Bring up the control panel -> users and setup your computer for
    multiple users.

    While logged in open your registry (Start -> Run -> regedit) expand the
    [HKEY_USERS] key, there should be several sub-folders including .DEFAULT and
    one named to the username you just created. Expand the .DEFAULT key
    -> Software -> Microsoft -> Windows -> CurrentVersion -> Run
    If this "run" key doesn't exist yet, create it.

    Create a new String Value:
    Name: NoLogon
    Data: "RUNDLL32 shell32,SHExitWindowsEx 0"


    You can also achieve the same result by doing this:
    Open registry and go to key: [HKEY_LOCAL_MACHINE\Network\Logon]

    Create/modify a (new) DWORD value:
    Name: MustBeValidated
    Value: 1
    Base: hexadecimal

    This normally prevents network logon bypassing but it also works for standard Windows Logon.
    I use this second method.

    2. Making it harder for users to find/delete your password file and thus accessing the computer.

    Find the .pwl file (in C:\windows) corresponding with your username([username].pwl) and rename
    it to something like ad.exe so nobody will think it's a password file. You may also want
    to hide the file(right click it -> Properties -> Hidden).

    Open system.ini (it's in C:\windows) and scroll down until you find the line [Password Lists].
    Below it you see all the usernames created on your computer.
    For example:
    User1=user1.pwl
    User2=user2.pwl
    Suppose you renamed user1.pwl to ad.exe; just change
    User1=user1.pwl to User1=ad.exe

    -----------------------------------------------------------------------------
    As you noticed a user can still easily find out what the password file is and delete it but this will stop most users from doing so.
    -----------------------------------------------------------------------------
    The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post\'s content - me

    www.elhalf.com

  2. #2
    Senior Member
    Join Date
    Feb 2002
    Posts
    500
    wow, never knew you could force a logon on win98, that's really cool! Guess you learn something new everyday! Thanks for the very valuable info!
    Ron Paul: Hope for America
    http://www.ronpaul2008.com/

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Nice Post!

    I always love to see someone trying the imposssible, and getting it to almost work

    My thinking is that if you are using WIN 9x, then you have to rely on the BIOS power up password (for security at least). This can easily be physically disabled, so you need to lock the back of the box?.

    My problem with trying to do it within the OS is how do you protect yourself against someone with a boot disk and a reasonable knowledge of DOS?

    Cheers

  4. #4
    Senior Member
    Join Date
    Feb 2002
    Posts
    500
    My problem with trying to do it within the OS is how do you protect yourself against someone with a boot disk and a reasonable knowledge of DOS?
    Answer: Take out the floppy drive, and lock the box up
    Ron Paul: Hope for America
    http://www.ronpaul2008.com/

  5. #5
    Or alternatively, lockup the box, disable booting from floppy in the bios, password the bios, and disable safe mode (I think there's something in msdos.sys that you can edit/add, I'll chase that up).
    \"Death is more universal than life; everyone dies but not everyone lives.\"
    A. Sachs

  6. #6
    Senior Member
    Join Date
    Jun 2003
    Posts
    772
    This tutorial was probably not very valuable because there aren't many people here using Win9x/ME . If you want a secure login in Windows you'd better use Win2k or XP.
    The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post\'s content - me

    www.elhalf.com

  7. #7
    BIOS Bomber
    Join Date
    Jul 2003
    Location
    Michigan
    Posts
    357
    Remember though, any box that you give physical access too is NOT secure. Unless of course you put it in a safe. If someone handed me a box and said "Ok, format it" And said I had to do it quickly, all I" would have to do is use a boot disk and erase the MBr and or HD, whatever youd like to call it.

    To add to this tutorial, If you can (meaning nothing hardware relatyed is in the way) you should be able to put a master lock or some other lock that needs a key to be opened and hook it up to all your CD rom drives so that they cannot be opened without a key. The HPs with the little "door" that opened to get to the DVD drives are a good example.
    "When in doubt, use Brute Force."

    Never argue with an idiot. They'll drag you down to their level, then beat you with experience.

  8. #8
    Junior Member
    Join Date
    Nov 2001
    Posts
    17
    Hey el-half,

    Amazingly enough there are still people out there that use Win 9x. Hell I'm one of them
    To be correct I should say it's one OS i'm still using.

    I have already filled this tutorial so thanks for the info.
    So thansk much for the info.

    PS. Leuk hier nog een andere Belg tegen te komen.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •