The newsletter is great but I just had a few comments about securing Win9x desktops.

Rewandythal wrote:
BIOS Passwords
These are programs that are designed to add security to Windows 9x. They
usually launch from Autoexec.bat and ask for a password before letting the
rest of the boot-up process continue.
It is, however, easy to edit autoexec with a DOS boot disk and the EDIT
command, so this method is, again, useful only in places where people with
half a brain are not likely to be (for example, this method would work fine
in schools, but in a computer-related business most of the professionals
will know how to use a boot disk!)

BIOS passwords typically are configured for two settings. Either they are set to prevent users from entering the CMOS settings on a PC or they can be set to prompt for a password whenever the system is powered on. If the second option is selected, the user will be prompted for a password before the system will boot from either the hard drive or a floppy disk. To enter the CMOS on common BIOSes (Award being the most typical), power on the PC and hit the [DEL] key. Most BIOSes briefly flash a message when powered on which says something to the effect of "Hit the [DEL] key to enter setup". Take care that you make notes of any changes that you make to BIOS settings if you are unfamiliar with their function, as several of them can affect the stability and/or operation of your PC. Power-on BIOS passwords will keep common users from accessing a system but they can be defeated by the more hardware-inclined individuals out there. The CMOS settings can be reset to default with a jumper setting on the motherboard.

As far as securing the Windows logon prompt, here are two methods for forcing a user to enter a correct user name and password instead of just canceling out of the client for M$ networks logon prompts.

http://www.security-tips.com/003.htm
http://www.security-tips.com/004.htm

A better method is to have a WIN NT/2000 domain controller and to use poledit.exe to set up policies on the PC. A policy can be set up to force a user to have a valid account on the domain. Policies can also be used to lock users out of the control panel, Internet settings, enforce a standard desktop and start menu etc. Here's a decent tutorial on the subject.

http://www.elkantler.net/security/security.htm

Win9x has poor security out of the box, but there are ways to make it more secure. Peace out YO!