Re: Windows: Local Security Workaround

[kotz () FLASH NET (Robert)]

I was playing around with the computers in my school's library the other
morning when I came across something interesting. Just a bit of
background information: my school uses Fortres101 by Grand Corp. and
they have a nice ethernet set up, and they use norton (comes in handy
later). Basically, after playing around with it for a while, I noticed
that it was network settings that were protecting a lot of files (like
autoexec.bat, etc.) and not fortres. Well, anyway, the other morning in
the library, the computer I happened to sit at had been disconnected
from the network so when I booted up and tried to log in it wouldn't
work. Interestingly enough, norton antivirus is the only program that
runs (well, that you have access to.) BEFORE the login process is
complete. So I was playing around with norton and I found that you can
easily run programs by changing the log file and then when you are
browsing the HD, right click->open on an executable will run it. Anyway,
I ran Word and found that I could edit autoexec.bat or any other file
that was protected by network permissions instead of by fortres.
Ironically, the program that is supposed to keep your computer 'healthy'
is what provides the risk.

-- Robert Kotz