[4397] in WWW Security List Archive
Re: Win3.1/Win95 desktop security?
daemon@ATHENA.MIT.EDU (Geoffrey Leeming)
Thu Feb 13 10:42:18 1997
To: bve@quadrix.com (BVE), kev-rhea@mail.zynet.co.uk
From: Geoffrey Leeming <geoffrey@indiciis.com>
Cc: www-security@ns2.rutgers.edu
Date: Thu, 13 Feb 1997 11:26:00 +0100
Errors-To: owner-www-security@ns2.rutgers.edu
At 09:39 PM 12/2/97 +0100, BVE wrote:
>
> Date: Tue, 11 Feb 1997 13:35:14 +0000
> From: Kevin Townsend <kev-rhea@mail.zynet.co.uk>
>
> But there are products available that put serious desktop security onto
> both 3.1x and 95 - in some cases rivaling NTW but at a fraction of the
> cost. So you can keep the business investment in existing training and
> applications, but gain the desktop security you need.
>
>Any that you can't bypass during bootup with Ctrl-C, or stick your own boot
>disk in, and see the whole file system with no privs???
>
>..And once you've authenticated yourself properly, do they prevent the user
>from changing system configuration settings?
Try Stoplock and AviBoKs. Both definately available for 3.1x: not sure
about 95.
AviBoKs lets you set privileges on a per-file basis, so all one has to do is
remove write privs to the sys config files, and hey presto! Users can no
longer REM out the command to load AviBoKs and thus bypass system security
in its entirety. I believe that Stoplock can do the same, but I've never
administered it so I'm not sure.
Geoffrey Leeming 0171 592 3007 - Office Direct Dial
Consultant 0171 836 0567 - Fax
Indicii Salus Ltd. 0956 844 168 - Mobile
