Re: protect MS Windows 95/98/Me

From: Tomas Wolf (tomas_at_skip.cz)
Date: 09/30/03

Next message: McGill, Lachlan: "RE: Locking down a stand-alone 2000 Server with Group Poicy"

Previous message: Phillip McCollum: "Re: Locking down a stand-alone 2000 Server with Group Poicy"
In reply to: Alexander Suhovey: "RE: protect MS Windows 95/98/Me"
Next in thread: Steven A. Fletcher: "RE: protect MS Windows 95/98/Me"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 29 Sep 2003 23:53:02 -0500
To: security-basics@securityfocus.com

Hello,
I couldn't find the real question, so I'll just try to react on what I
see is the discussion about... I remember one free (windows natural)
tool that can do some locking and policy enforcement -> POLEDIT.EXE. I
remember playing with it for some time and using it for a library as the
"lock-down" tool, since they didn't want to invest time or money... And
it worked well enough... Even though, who knows what they are doing it
is not a big deal. But that is my 1c shoot in the dark :-)
Good luck -- Tomas

Alexander Suhovey wrote:

>It was long ago when I played with win9x last time, but if I recall
>correctly, "Disable registry tools" policy in win9x only restricts ability
>to run regedit.exe. There are other ways to edit registry:
>- rename regedit.exe
>- use reg files
>- use third-party registry editing software
>Correct me here if I'm wrong.
>
>
>IMO only way to secure win9x box is to use custom boot loader and custom
>shell plus physical security (locks on case, BIOS superuser password, maybe
>no floppy/CD etc)
>Also nobody mentioned FolderGuard [http://www.winability.com/folderguard/]
>which (among other features) gives you something like NTFS' ACL for FAT.
>
>My $0.02
>--Al
>
>
>
>>-----Original Message-----
>>From: Spencer D'oro [mailto:sdoro@comcast.net]
>>Sent: Friday, September 26, 2003 7:33 PM
>>To: 'Ansgar -59cobalt- Wiechers'
>>Cc: security-basics@securityfocus.com
>>Subject: RE: protect MS Windows 95/98/Me
>>
>>But if Registry editing is disabled on the machine for that user through
>>system policies, then how do you disable it through registry? And what
>>editor are you talking about? I don't know what you are referring too,
>>but please enlighten us, because if there is a way to do it, I want to
>>know.
>>
>>Regards,
>>Spencer
>>
>>-----Original Message-----
>>From: Ansgar -59cobalt- Wiechers [mailto:bugtraq@planetcobalt.net]
>>Sent: Thursday, September 25, 2003 2:13 PM
>>To: security-basics@securityfocus.com
>>Subject: Re: protect MS Windows 95/98/Me
>>
>>
>>On 2003-09-25 Steven A. Fletcher wrote:
>>
>>
>>>This is not necessarily true. If Win9x policies are configured
>>>properly, the users can be quite limited in what they can change, even
>>>
>>>
>>>for the current session. It's just a matter of putting the proper
>>>time and effort into it.
>>>
>>>
>>All I need to disable any policy is an editor and regedit.
>>
>>Regards
>>Ansgar Wiechers
>>
>>------------------------------------------------------------------------
>>---
>>------------------------------------------------------------------------
>>----
>>
>>---
>>Incoming mail is certified Virus Free.
>>Checked by AVG anti-virus system (http://www.grisoft.com).
>>Version: 6.0.521 / Virus Database: 319 - Release Date: 9/23/2003
>>
>>
>>---
>>Outgoing mail is certified Virus Free.
>>Checked by AVG anti-virus system (http://www.grisoft.com).
>>Version: 6.0.521 / Virus Database: 319 - Release Date: 9/23/2003
>>
>>
>>
>>
>>
>>
>---------------------------------------------------------------------------
>
>
>----------------------------------------------------------------------------
>
>
>---------------------------------------------------------------------------
>----------------------------------------------------------------------------
>
>
>
>
>

---------------------------------------------------------------------------
----------------------------------------------------------------------------

Next message: McGill, Lachlan: "RE: Locking down a stand-alone 2000 Server with Group Poicy"

Previous message: Phillip McCollum: "Re: Locking down a stand-alone 2000 Server with Group Poicy"
In reply to: Alexander Suhovey: "RE: protect MS Windows 95/98/Me"
Next in thread: Steven A. Fletcher: "RE: protect MS Windows 95/98/Me"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Backdoor.Nibu.E.
... all in safe mode. ... the registry keys shouldn't revert back ... >you've Ended the process in Task Manager if it's ... >>>>>Outgoing mail is certified Virus Free. ...
(microsoft.public.windowsxp.general)
Re: Registry learn to edit
... | Your hint stinks. ... The more you know about the registry the better. ... |> Outgoing mail is certified Virus Free. ...
(microsoft.public.windowsxp.basics)
Re: XP colorscheme detection Help wanted
... > Hi John! ... > if don't know how to read a key from the registry: ... >> Outgoing mail is certified Virus Free. ...
(microsoft.public.vb.general.discussion)
Re: Registry learn to edit
... If you want to know how to search the registry, edit the registry ... this is the Basics News Group. ... |> Outgoing mail is certified Virus Free. ...
(microsoft.public.windowsxp.basics)
RE: CDE not coming up
... maybe I dislodged something when I installed the drives. ... > Now what is interesing is that CDE comes up on FREJA but not ODIN ... > Incoming mail is certified Virus Free. ...
(comp.os.vms)