Most command-line utility can do it
Dr_Evil
Printable View
Most command-line utility can do it
Dr_Evil
Look around and you can find them using Google but if you have done as was suggested earlier and give them a restricted account with limits on what programs can be run (user and computer policies) plus have a firewall that limits downloads then you shouldn't have any problems with this.Quote:
You also cant always be watching everything, and somebody wearing a jacket with a nifty Network security shir underneath could go right past you, then when they get to a computer that is inyour blind spot take off the jacket with the shirt underneath to sooth the suspicions of other users (many people dont understand how easy this is to do, and how many people actually fall for those thinkgeek shirts lol). reenabling the drives is just a matter of going to safe mode, or getting to the registry (which no matter what restrictions you put on from a win machine it will always be easy).
The best bet is to physically unplug the drives. You can leave them in there, but with those security screws in place (along with educated users, with signs warning of possible vandalism attempts) it will make it extremely hard for the person to go through. The AIM thing, where they have the warnings that say nobody from AOL will try to get billing or pw info is a great example to follow!!! Signs and fake cameras with a possible TV that shows one camera feed will discourage even the hardest crackers...unless they are a previous employee who knows all your tricks :)
I'm not responsible for how you use the info, but NOTHING is truly secure!!!! Reminds me of a quote that I read in one of LoDs technical journals (and quite famous in other places also) before I realized they were obsolete (yes, laugh it up lol I had just started and didn't know crap hehe). Here is the quote:
"The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete bunker, and is surrounded by nerve gas and very highly paid armed guards. Even then, I wouldn't stake my life on it.'' Dr. Gene Spafford
Right....Quote:
I'm not responsible for how you use the info, but NOTHING is truly secure!!!! Reminds me of a quote that I read in one of LoDs technical journals (and quite famous in other places also) before I realized they were obsolete (yes, laugh it up lol I had just started and didn't know crap hehe). Here is the quote:
"The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete bunker, and is surrounded by nerve gas and very highly paid armed guards. Even then, I wouldn't stake my life on it.'' Dr. Gene Spafford
Google will probably give you a list. I know from experience (shame on me) that you can run most BIOS crackers from a restricted account. The archives here at AO should have BIOS crackers. Is this at a school/university? Also pulling out the battery or messing with the jumpers in a computer lab is blatantly obvious and almost immediate removal.
Not if you set it up correctly. Although I think it would be better if Windows switched to a *nix like multi-user system.Quote:
(which no matter what restrictions you put on from a win machine it will always be easy)
Here is a sight that has some information.
-Sam-
Thanks, its a whole lotta good ideas. I've looked through the BIOS password command line scripts and still I don't see a way of preventing them.
Someone could easily dump the 6kb file in binary into an email, re-assemble the source code locally, and find the BIOS password.
This is still the only thing that worries me.
Oh certainly. There is no such thing as 100% perfect security but making it harder for someone to do this helps mitigates some of the risk. So keep that in perspective.
For sure, that's why I've set up decoy cameras/security systems. Really freaks out a thief to see "Protected by Guard Dogs" or "24/7 Closed Circuit Surveillance" when they try to rob you.
its easy. u password protect the bios with the highest number of letters and u update the bios. only allow for the hd to boot then the nic. make sure they cant choose the boot order by pressing a key. then when thats done u disable all files that controll startup stuff. io.sys command.com stuff like that.
default BIOS passes can be found at ankitfadia.com
worth a try
Hey I thought that site was down.Its up again !
Thanks
Dr_Evil