Security Basics mailing list archives
RE: protect MS Windows 95/98/Me
From: "Alexander Suhovey" <asuhovey () mtu-net ru>
Date: Tue, 30 Sep 2003 09:09:05 +0400
But to even the most moderate of tech savvy individuals, bypassing those policies through safe mode [...] will render that effort ineffective.
Actually, you can - disable boot-time F[4,5,8], Shift+F5, Shift+F8 keys by adding 'BootKeys = 0' to [OPTIONS] section in MSDOS.SYS, - disable Ctrl-C at boot time by adding 'BREAK=OFF' to CONFIG.SYS - disable "Restart in MS-DOS mode" by adding numeric value "NoRealMode" equals 1 to HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp key There is tons of other tricks Google can dig out for you from Internet (Win95 RK also helps), but anyway all this looks more like *fool*proof or, may I say, obscurity without security, since there is no way (or no way I know) to secure file system/registry in win9x without third-party software. Al.
-----Original Message----- From: Lee Seidman [mailto:lseidman () yahoo com] Sent: Monday, September 29, 2003 9:22 PM To: Spencer D'oro; steve () Lan com au; security-basics () securityfocus com Subject: RE: protect MS Windows 95/98/Me For the average user, the use of POLEDIT to create a policy file on the server will secure Windows 9x clients somewhat. But to even the most moderate of tech savvy individuals, bypassing those policies through safe mode or just unplugging the ethernet cable will render that effort ineffective. "Genuine" security (if there is such a thing, especially in Microsoft products) does not exist on Windows 9x clients. --- Spencer D'oro <sdoro () comcast net> wrote:That's way off-base, at least for 98. By setting system policies on the OS using POLEDIT and storing the config.pol file on the server, you then set restrcitive policies dependent on whatever ADM you use. You load Group Policies from within Windows components. And you set User-level access control to make authentication for ALL shares be done by the DC. If you have a large number of machines, and upgrading just isn't in the budget, then it is totally feasible to secure a 98 station. The 98 OS is not as of yet obsolete, IMO. Spencer -----Original Message----- From: Steve McLaughlin [mailto:steve () Lan com au] Sent: Thursday, September 25, 2003 2:23 AM To: security-basics () securityfocus com Subject: RE: protect MS Windows 95/98/Me Yes, that's a very polite way of saying it. There is no security features in win9x OS. They are all totally unsecure operating systems. The security features within are totally flawed in all ways, there is no way of securing these operating systems. The solution is to upgrade to windows 2k or XP, using NTFS. There is no other way. Don't embarrass yourself wasting the organisations capital on totally obsolete and unstable operating systems. Consider the 9x OS Obsolete, upgrade to NT5 or 5.1. Don't bother even looking further into securing Win9x. It is a total waste of time. steve mclaughlin | enlite technologyR T 1300 135 251 | F +61 (2) 9402 8586 E steve () Lan com au | W www.Lan.com.auT (MCP, A+, Network+, Server+) -----Original Message----- From: French, Mark [mailto:Mark.French () wellington co uk] Sent: Thursday, 25 September 2003 2:07 AM To: 'security-basics () securityfocus com' Subject: RE: protect MS Windows 95/98/Me I don't know of any software, but in this situation, my hardware of choice would be SCISSORS. Cut the network cable, keyboard cable, and mouse cable. This is probably the only way that this level of security can be achieved in these operating systems. Mark (Sorry, I couldn't resist) -----Original Message----- From: Robert Reidenbach [mailto:pominciss () greendot com ph] Sent: 24 September 2003 06:25 To: security-basics () securityfocus com Subject: protect MS Windows 95/98/Me Hi everyone! I'm looking for a software that you can install on MS Windows 95/98/Me Machines that won't allow an ordinary user to install any programs or allow any virus to infect any files. Would anybody know what they call these programs and where to get them? Any kind of help will be appreciated. -Robert--------------------------------------------------------------------------------------------------------------------------------------------------------___________________________________________________________________ __This e-mail has been scanned for viruses by MCI's Internet Managed Scanning Services - powered by MessageLabs. For further information visit http://www.mci.com________________________________________________________The information in this message is confidential and may be legally privileged. It is intended solely for the addressee. Access to this message by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. The registered office of Wellington Underwriting plc is 88 Leadenhall Street, London, UK EC3A 3BA.________________________________________________________-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.521 / Virus Database: 319 - Release Date: 9/23/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.521 / Virus Database: 319 - Release Date: 9/23/2003
---------------------------------------------------------------------------
----------------------------------------------------------------------------
__________________________________ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com
---------------------------------------------------------------------------
---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- firewalls usefulness article: Incessant hacking exposed, (continued)
- firewalls usefulness article: Incessant hacking exposed Meritt James (Sep 25)
- Message not available
- Re: protect MS Windows 95/98/Me Robert Reidenbach (Sep 25)
- Re: protect MS Windows 95/98/Me freeasabird_13 (Sep 26)
- Re: protect MS Windows 95/98/Me Jimi Thompson (Sep 29)
- RE: protect MS Windows 95/98/Me Nick Duda (Sep 24)
- RE: protect MS Windows 95/98/Me French, Mark (Sep 24)
- RE: protect MS Windows 95/98/Me Steve McLaughlin (Sep 25)
- RE: protect MS Windows 95/98/Me Raoul Armfield (Sep 25)
- RE: protect MS Windows 95/98/Me Spencer D'oro (Sep 26)
- RE: protect MS Windows 95/98/Me Lee Seidman (Sep 29)
- RE: protect MS Windows 95/98/Me Alexander Suhovey (Sep 30)
- RE: protect MS Windows 95/98/Me Steve McLaughlin (Sep 25)
- Advice for someone interested in a security career? Chris Rodgerson (Sep 26)
- Re: Advice for someone interested in a security career? Dana Epp (Sep 26)
- Re: Advice for someone interested in a security career? Eric (Sep 26)
- RE: protect MS Windows 95/98/Me Spencer D'oro (Sep 24)
- Re: protect MS Windows 95/98/Me Ansgar -59cobalt- Wiechers (Sep 25)
- Re: protect MS Windows 95/98/Me Ansgar -59cobalt- Wiechers (Sep 25)
- RE: protect MS Windows 95/98/Me Spencer D'oro (Sep 26)