Hey, J,



About the BIOS password letter in the 34/10 mailbag, I thought I
should offer up a few bypass methods, in case anyone wants to do any
demonstrations for co-workers. Post 'em on the letters page, forward
them to pat, whatever. I'll leave that up to you.



The easiest way to bypass a BIOS password is by using the
manufacturer passwords. It's best to test this using a password you
know before doing it with an audience. Get someone to enter a
password, then turn off the machine. Reboot it and try the following
passwords:



AMI (American Megatrends) BIOSes:



AMI

ami

AMI_SW

AMI?SW

AMI?PW

A.M.I.

oder

PASSWORD



Award BIOSes:



589589

589721

AWARD

Award

J262

J256

AWARD SW

AWARD_SW

AWARD?SW

AWARD_PW

q_l27&z

ALFAROME

BIOSTAR

BIOSSTAR



Phoenix BIOSes:



PHOENIX

phoenix

BIOS

CMOS



Also try these:



setup

LKWPETER

BIOSTAR

Syxz

Wodj

SER

SKY_FOX

aLLy

awkward

HLT



These are the common manufacturer BIOS passwords, put in by
manufacturers in case you forget your password, to make repairs
easier. On some computers, flooding the keyboard buffer will crash
the password routine and allow the computer to boot. Simply wait for
the password prompt, then press ESC repeatedly. This may require 50
to 100 presses, and may not work in all machines, but its worked
before, and its worth a try.



Some IBM Aptivas will clear the CMOS if you press both mouse buttons
during the boot process. Some Toshiba's laptops can bypass the BIOS
password if you press the left shift button on the keyboard while
booting. With AMI BIOS, v1.19 and older, the CMOS is cleared by
holding the END key while booting.



You can also remove the BIOS pwssword on any computer by opening up
the case and taking out the little battery that holds data in the
CMOS when the computetr is turned off. Give it a while turned off
without the battery and it will revert to factory defaults. If you
think this will exceed the five-minute time linit, you can use a
high-tech time multiplier technique of picking the computer up and
walking out with it, then cracking it at home.



I'm not a cracker type, I'm just interested in computer security (and
having stupid tricks to bypass lost passwords in school).



Michael



Thanks for the tips Mike.







I am looking for some Israeli or Arab supportive hacker Web sites/BBS. I imagine that u have an
extensive database of this stuff and was wondering if u could think of a few off of the top of
your head. Not asking u to do research or anything for me. I'm not that much of a lazy ass.
Just giving ya a quick shout to see if you could throw me some recommendations.



Thanks in advance.

m0rb



As always, if you're looking for a website dealing with computer security, hacking, etc. you should visit our web-directory at http://www.AntiSearch.com/.







Hi John,



I stumbled on your site and many kudos to you, really an incredible site
and I like your political views too I have been programming for over
15 years in C/C++ and assembler on Windoze and previously OS/2 including
real-time systems. I have been using Linux since 1995 and am really
interested in computer security. I was thinking of taking an online
course at SANS, LevelOne Security Essentials and if it is a good match,
taking LevelTwo etc. My question is if you have any knowldege about the
quality of the course and what the employment possibilties would be for
men after certification, BTW I am 45 years old. In the good old days my
hobby was getting diskettes with viruses and with a tool set I wrote in
C and using good old Dos DEBUG, reverse engineering them. First one I
did was the Brain Pakistani virus.



Many thanks,

Arnold



I like the SANS Institute, there's a lot of good stuff coming from those guys. But, I think that if you're looking for certification to help your resume, you'd be better off taking a course or two from ISS' Educational Services.







I recently bought McAffee's Guard dog firewall and anti virus
software. Are these kinds of commercial programs effective
deterrent to hackers/crackers? Also, do they really provide any
level of anonymity while surfing the web?



sixfloors@yahoo.com



I'm not really the biggest fan of McAffee's products. Personally, I think they're starting to go down hill. You probably would have been better off getting some of the Symantec Software Packages. I'm not saying that McAffee's products aren't effective, just that I think Symantec's are more effective =)