Re: security loophole question

From: moi (random1234_NOSPAM__at_blueyonder.co.uk)
Date: 10/22/03 

Date: Wed, 22 Oct 2003 18:59:06 +0100

"davetest" <davetest_nospam@yahoo.com> wrote in message
news:cffdpvcctu8d2flfbj0f0fqodpbrqel1uc@4ax.com...
> On Wed, 22 Oct 2003 16:43:14 +0100, "moi"
> <random1234_NOSPAM_@blueyonder.co.uk> wrote:
> See below:
> >hi,
> >
> >im running windows xp, and am pretty gutted about the security problems
in
> >it, so if anyone could help me resolve them i would appreciate it.
firstly,
> >my brother seems to somehow be able to reset my BIOS password on boot, at
> >will. i know this isnt strictly to do with XP, but if anyone could a)
tell
> >me how he does this, and b) tell me how to stop it, id very much
appreciate
> >it.
> If you have a BIOS password that stops the user from booting and/or
> from entering the password to reset it, the only way I know of to
> get around this is to open the box and reset the cmos using the
> jumper. But this is unlikely, because then you would have to set
> up all the bios settings again...
> perhaps he is just getting into the bios and disabling the password.
> >
> >my major concern is that despite me having my guest accont turned off,
and
> >there being only my account (the pass word to which he definitely doesnt
> >know) he seems to find some way of turning on the administrator account
and
> >thereby accessing all my files. he says something about being able to do
> >this by booting in safe mode or something like that.
> Most ADMIN accounts are *not* password protected. By booting safe
> mode, you have access to the admin account directly. Try going into
> control panel/admin/computer management/local users and groups/users
> and either disabling the administrator or set a password for it
> (this is probably better)
> >
> >clearly this is a complete pain in the ass.....im sure any of you who
are,
> >or remember being 19, will understand the potential problems of having
your
> >brother being able to go through your hard drive at will.
> >
> >so any help will be greatfully recieved.
> >
> >cheers,
> >
> >CP.
> >
>

thanks for that dave,

i dont know how to stop the scum bag getting into the bios, but ive set a
password on the 'administrator' account, so hopefully that should stop him
finding my......errrm....'sensitive' files.

many thanks,

CP

Relevant Pages

  • Re: Administrator Password Questions
    ... The built-in Administrator account is found on the ... To get Admin account on the "Welcome Screen" make sure ... RESET A PASSWORD USING THE ADMINISTRATOR ACCOUNT ... Microsoft Diagnostics and Recovery Toolset 5.0 $65 64 MB ...
    (microsoft.public.windowsxp.general)
  • Re: Administrator password unavailable
    ... >> I have done both of those, but I did not see an option to reset the ... > administrator account on the computer, or if the original administrator ...
    (comp.sys.mac.system)
  • Re: SAM cracking
    ... to type in a bios password at boot. ... administrator for the learning purpose. ... just need the SAM file and a few minutes. ... the Administrator account and disable the LN manager hashe. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: daughter changes administrator user
    ... Also Malke this will not help much if he does not change the Administrator's ... log into the machine using the normally hidden Administrator ... > Administrator account. ... Also set the Supervisor password in the BIOS so BIOS ...
    (microsoft.public.windowsxp.security_admin)
  • Re: locking XP from the little brats
    ... I added a guest account, the onlyway they can login is thrue the guest ... administrator accounts are locked with password changed ... whoever made the decision to order computers with XP Home ... is the BIOS password protected? ...
    (microsoft.public.windowsxp.general)