-
gi_ab
find a bootdisk tool called ntpasswd, you can reset your password on an 2000/xp system, the downside is if you encrypted any files using EFS, they are no longer accessible to you.
neel- it was demolition man.
we have iris recognition systems in my netsec class that we will work with, my teacher says they are pretty secure, and that everytime they tried to surpass them, they had to reload the operating system. I have a theory of how to get past it, but i have to wait till we get to that section before i can test it.
-
From the responses so far it would seem that as the "problem" requires physical access, the solution has to be a physical one as well?
I remember back in my IBM mid-range days the IBM Software Engineer always had a couple of disks that allowed him to log in as security officer (qsecofr) provided that he had access to the computer console. Also that all sensible sites had the computer room locked,with access control in place.
I think the same physical security tends to go for network servers these days? it is just the desktop PCs that have created these vulnerabilities, because they are out in the workplace? The old "dumb terminals" did not require any protection?
I have noticed on Defence Industry Sites that the desktops tend NOT to have CD drives, and that the floppy drive is disabled. Also the hard drives tend to be in removable bays .........this may well be the cheapest and simplest solution in some environments :)
Can anyone think of a way to exploit a machine WITHOUT a hard drive? in general terms of course :)
Cheers
-
is there like a batch file or something i could create that on startup will disable booting from a CD?
-
Quote:
Originally posted here by Szafran
is there like a batch file or something i could create that on startup will disable booting from a CD?
Szafran, I really think you need to read some basic articles on how a PC works.
Any computer store will have books for people new to computers, or you can find a wealth of information here, as well as at other sites.
Your question is meaningless, as the decision as to whether or not to boot from a CD (or anything else) has absolutely nothing to do with a batch file.
Perhaps if you searched on google for BIOS & digested some of the earlier posts in this thread, you might get somewhere ??
-
actually i could probably write a few of those books on computers. And i know it in possible to disable a drive with a batch file. If i were to edit forsay Autoexec.bat and put a command into it to run my batch then i would be all set. But i'm pretty sure that autoexec.bat runs after the scanning for boot disks
-
Szafran,
You need to think about how your PC works? Your general home PC will go 3.5 floppy, CD, HDD, in its boot sequence.
If you are thinking about "batch files"........................forget it..............you are already owned :D You MUST hit this right up front in the POST cycle. This means you have to set your BIOS/CMOS to deny booting from the devices you want to exclude. If you let your box boot from a floopy you are dead................I just need one of the DOS utilities from the HDD manufacturers..............or even a simple WIN98 boot disk..............I then get to use the CD long before any batch file would cut in? To put it another way, if the OS has booted............too late!
This gets back to physical security. If you can get into the box you can reset the BIOS/CMOS. This is generally via a switch or removing the CMOS battery?
I am afraid that you might be falling into the classic mistake of providing answers rather than asking questions. What I mean is, just what is your project objective? If you gave us a better idea we might be able to help.............could be that there is a software solution, but not where you are looking at the moment.
PM me if you like............wouldn't like you to get negged :)
Cheers
-
Quote:
Originally posted here by Szafran
actually i could probably write a few of those books on computers. And i know it in possible to disable a drive with a batch file. If i were to edit forsay Autoexec.bat and put a command into it to run my batch then i would be all set. But i'm pretty sure that autoexec.bat runs after the scanning for boot disks
ROFL !! I presume you are talking about paying someone to publish misleading, incorrect information.
You are completely missing the point here, as of course you can disable anything you like after the OS has booted, which in your case, I presume is Win9x.
But what ru going to do when I boot something completely different from a floppy, CD, or a USB slot ???
This is not the right forum for this discussion, as it should be in 'Newbie help'.
