Wrong domain is not checked ?

Daniel Fonseca daniel at med.up.pt
Wed Feb 24 09:46:35 GMT 1999


On Wed, 24 Feb 1999, Dave J. Andruczyk wrote:

> > Even with policies, people are able to execute command.com without logging
> > in.  from there you can run explorer.exe and you have all you need.
> > getting around even the best 9x security can be trivial.
> 
> Just rename "taskman.exe" to something else, and then you can't pop it up
> at the logon screen with Ctrl-Alt-Esc.  There are documented ways to
> prevent "safe mode" bootups, and use the bios to prevent booting from
> floppy or CDrom.  

I also renamed taskman.exe at first, but completely erased it afterwards
(it was some 2 years ago, when I secured win95 as best I could in a
cybercafe) - I found that after you log on, explorer takes care of giving
you the task management so when you press Ctrl-Alt-Esc or that Window Key
on Win95 keyboards, it still works as expected... after logon, I repeat.
It really prevented, at least, unauthorized/unlogged logins
into win95, thus preventing an interactive GUI session.

As for the safe mode prevention, just to save interested people the
trouble of searching, the key is the \MSDOS.SYS file, now (after win95) a
plaintext file with some important directives therein like:

Bootkeys=0
;Means no bootkeys available when pressing F8 or F5 upon boot

As for general security, a lot is possible but you always stumble across
the fact that there is no file permissions protection, so a good
backup/image scheme is due here. I have implemented some - one with a Boot
CD, which restores a previously imaged copy of the disk and another with a
dual (win95/linux) boot on the same machine with special restore and
backup logins onto the linux partition, which perform the task
automatically - the latter takes only 5/6 minutes to complete including
reboots.

Gone a little offtopic, but I didn't start it! :-)

Hope to help,

Daniel Fonseca
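
An added example, not part of the original message: a small Python check that parses an MSDOS.SYS file and reports whether the Bootkeys=0 directive mentioned above is in effect. It assumes, from Microsoft's documentation rather than from this post, that the directive is read from the [Options] section and that an absent BootKeys defaults to enabled; the sample files are constructed.

```python
# Added example: audit a Windows 9x MSDOS.SYS for the BootKeys directive.
# Assumption (not stated in the post): directives are read from the
# [Options] section, and BootKeys defaults to 1 (keys enabled) when absent.

def parse_msdos_sys(text):
    """Return {section: {key: value}} with lower-cased section and key names."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):   # blank line or ';' comment/padding
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, {})
        elif "=" in line and current is not None:
            key, _, value = line.partition("=")
            sections[current][key.strip().lower()] = value.strip()
    return sections

def audit_bootkeys(text):
    """Return (ok, reason) for the startup-key hardening described in the post."""
    options = parse_msdos_sys(text).get("options")
    if options is None:
        return False, "no [Options] section"
    value = options.get("bootkeys")
    if value is None:
        return False, "BootKeys not set (default leaves F5/F8 active)"
    if value != "0":
        return False, f"BootKeys={value} leaves F5/F8 active"
    return True, "BootKeys=0"

# Constructed sample files, not taken from a real machine.
HARDENED = """[Paths]
WinDir=C:\\WINDOWS
[Options]
BootGUI=1
Bootkeys=0
;Means no bootkeys available when pressing F8 or F5 upon boot
"""
DEFAULT = "[Paths]\nWinDir=C:\\WINDOWS\n[Options]\nBootGUI=1\n"
MISPLACED = "Bootkeys=0\n[Options]\nBootGUI=1\n"  # directive outside [Options]

if __name__ == "__main__":
    samples = (("hardened", HARDENED), ("default", DEFAULT), ("misplaced", MISPLACED))
    for name, sample in samples:
        print(name, audit_bootkeys(sample))
```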


