dan@blender.UUCP (Dan Keizer) (01/28/90)
Patrick.Mcclendon@f36.n376.z1.FIDONET.ORG (Patrick Mcclendon) writes: >I need a program to keep an unwanted roommate off my hard drive. >He knows how to use Cntrl-C to stop batch files with password protection >schemes. Need something good. >-- >-- >Patrick Mcclendon == ...!usceast!uscacm!36!Patrick.Mcclendon Look at a program called PC-LOCK. It's shareware .. available on Simtel20 I believe under sysutl. I have seen it and it has *good* protection. Mods the boot sector so when you boot off a floppy, you can't see the hard drive and can't change to it. It has to boot from the hard drive to access it properly, and once it does that, you can't get out of the programs in config.sys which contain the security things. As well, the newer version has multiple users, and allows you to give access to these people but restricting them to certain programs in the autoexec and not allowing htem to shell out to dos if you so desire. Looks impressive, but I havne't played with the new features, as I have no use for it at this time. Hope that helps. Dan.
msm@vpnet.UUCP (Matt Minogue) (01/30/90)
You can modify your command.com execute another program rather than autoexec.bat. What you want to do is really simple. Write a program which prompts for a password (make sure you disable Ctrl-Break and Ctrl-C)... upon successful password, have your password program begin executing autoexec.bat. Hope this helps...
iisakkil@niksula.hut.fi (Mika R Iisakkila) (02/02/90)
Here's a piece of Turbo C code:
passwd.c:
#include <stdio.h>
#include <conio.h>
#include <process.h>
main(argc,argv)
int argc;
char **argv;
{
char *s;
char *envp[1] = {NULL};
for(;;) {
s = getpass("Password : ");
if (!strcmp(s,"some_string")) {
if (execve(argv[1],argv+1,envp)) exit(0);
}
}
}
, where 'some_string' is a password you'd like to use.
Compile this to passwd.exe and put a line
'shell=c:\passwd.exe c:\command.com' in your config.sys.
After booting the computer will prompt for a password;
command.com won't be run unless the password is given correctly.
If your roommate is clever enough, he'll boot the computer from a
dos diskette, in which case passwd.exe won't be able to do anything...jec@nesac2.att.com (John Carter ATLN SADM) (02/05/90)
In article <3385.25c5a7b5@vax5.cit.cornell.edu>, tt3x@vax5.cit.cornell.edu writes: ] In article <234.25C2B9DD@uscacm.UUCP>, Patrick.Mcclendon@f36.n376.z1.FIDONET.ORG (Patrick Mcclendon) writes: ] ] I need a program to keep an unwanted roommate off my hard drive. ] ] He knows how to use Cntrl-C to stop batch files with password protection ] ] schemes. Need something good. ] ] -- ] ] -- ] ] Patrick Mcclendon == ...!usceast!uscacm!36!Patrick.Mcclendon ] ] You might want to try the following: ] ] 1) Lock your keyboard using the keylock feature of your ibm (most have ] them) when you're not on the computer. ] ] 2) If you don't have a keylock, you can create "hidden subdirectories ] " by making different directories implementing control characters and such. The REAL solution is to use a Tigersafe (or equivalent) board that requires a password, can't be bypassed by Control-C, Control-Break, or booting from a floppy. This solution is expensive (about $125 - $150), but is secure. The alternate is a software lock that uses a Control-break 'catcher' that is loaded via config.sys. It can be bypassed by booting from floppy (as can most of the software locks). The exception in software locks is the device driver that modifies the data and/or disk structure and therefore cannot be bypassed. The data on the disk is unreadable unless the correct password is entered. This isn't cheap either. Cheap ways: 1) encrypt the file(s) 2) use Norton or Mace to make the file 'hidden' -- USnail: John Carter, AT&T, 401 W. Peachtree, FLOC 2932-6, Atlanta GA 30308 Video: att!nesac2!jec attmail!jecarter Voice:404-581-6239 | WB4HLZ The UNIX machine belongs to the company. The opinions are mine. | AFB2RY
trent@uncecs.edu (Glenn Jordan) (02/07/90)
As regards using PC-LOK to prevent unauthorized hard drive access - I test installed it on my system a couple of years ago, and promptly lost the un-install floppy due to a bizarre accident (don't ask). I found NO WAY of uninstalling or bypassing the protection, short of a low-level format of the drive. A regular DOS format, and partition deletion/recreation did nothing but erase my data, the protection was still in place. In summary, it worked really well...
deal-jc@cscosl.ncsu.edu (James C. Deal) (02/07/90)
There is one way to get through the protection scheme used by pc-lock (but it can be risky.) What you do is pull the power plug from the hard drive then boot from a floppy. After booting, plug the hard drive back in. This defeats the scheme that makes the system always use the modified boot procedure from the hard drive. I had to use this method because my friend gave me the shareware test copy to try out myself, but forgot to give me the ORIGINAL password file. Thus when I installed it, my password got overlayed on what was already there and effectively locked me out of the system. I don't really feel this is a flaw with the software; it allows you to get into the machine, but with a LOT of trouble. Typically, people won't be taking the case apart to get at the software. -------------------------------------------------------------------------- deal-jc@cscosl.ncsu.edu James Deal
alawlor@dit.ie (Aengus Lawlor) (02/08/90)
In article <217@nesac2.att.com>, jec@nesac2.att.com (John Carter ATLN SADM) writes: > In article <3385.25c5a7b5@vax5.cit.cornell.edu>, tt3x@vax5.cit.cornell.edu writes: > ] In article <234.25C2B9DD@uscacm.UUCP>, Patrick.Mcclendon@f36.n376.z1.FIDONET.ORG (Patrick Mcclendon) writes: > ] ] I need a program to keep an unwanted roommate off my hard drive. > ] ] He knows how to use Cntrl-C to stop batch files with password protection > ] ] schemes. Need something good. > ] ] -- > ] ] -- > ] ] Patrick Mcclendon == ...!usceast!uscacm!36!Patrick.Mcclendon > ] > ] You might want to try the following: > ] > ] 1) Lock your keyboard using the keylock feature of your ibm (most have > ] them) when you're not on the computer. > ] > ] 2) If you don't have a keylock, you can create "hidden subdirectories > ] " by making different directories implementing control characters and such. > > The REAL solution is to use a Tigersafe (or equivalent) board that requires > a password, can't be bypassed by Control-C, Control-Break, or booting from > a floppy. This solution is expensive (about $125 - $150), but is secure. > > The alternate is a software lock that uses a Control-break 'catcher' that is > loaded via config.sys. It can be bypassed by booting from floppy (as can most > of the software locks). The exception in software locks is the device driver > that modifies the data and/or disk structure and therefore cannot be bypassed. > The data on the disk is unreadable unless the correct password is entered. > This isn't cheap either. > > Cheap ways: 1) encrypt the file(s) > 2) use Norton or Mace to make the file 'hidden' The real cheap way? under DOS 3.3, make the first line of your autoexec @PASSWORD where PASSWORD is any program that will ask for a password, and will trap and ignore CTRL C or CTRL BREAK. As far as I know, CTRL C is only checked during screen I/O, and @PASSWORD won't get echoed. (that @ sign is a great addition to 3.3) trapping CTRL-BREAK shouldn't prevent major problems. Of course, that won't affect booting from floppy. If that is a problem, I have a (risky this) very short C program that copies your FAT to Floppy, and scrambles it. A boot floppy contains a program to copy the FAT back onto the hard disk from the floppy. I successfully used this for about 3 months 2 years ago, when I was in an open office. > -- > USnail: John Carter, AT&T, 401 W. Peachtree, FLOC 2932-6, Atlanta GA 30308 > Video: att!nesac2!jec attmail!jecarter Voice:404-581-6239 | WB4HLZ > The UNIX machine belongs to the company. The opinions are mine. | AFB2RY -- Aengus Lawlor Dept of Computer Science. Time flies like an arrow, ALAWLOR@DIT.IE Dublin Institute of Technology. Fruit-flies like a banana Kevin Street. Dublin 8. Ireland.
daly@masscomp.ccur.com (Patrick Daly) (02/10/90)
In article <1990Feb7.155852.29068@ncsuvx.ncsu.edu> deal-jc@cscosl.UUCP (James C. Deal) writes: [text deleted] >I don't really feel this is a flaw with the software; it allows you to get >into the machine, but with a LOT of trouble. Typically, people won't be >taking the case apart to get at the software. ^^^^^^^^^^^^^^^^^^^^^ But just in case you run into people who do pull it apart, keep this in mind: As an optional method of preventing someone from messing around with your system, you might consider going with something low tech but effective. There is a product called "PC Fortress" which is simple a LOCKING box which is big enough to fit the PC and the keyboard. Is has a wide slot in the back for cooling and cables. If you need to use them, there are slots in the top of the cabinet so you can bolt your monitor down to the cabinet. Finally, the cabinet itself can be bolted down to a desk if you're afraid someone will walk away with the whole thing. Patrick Daly
amichiel@rodan.acs.syr.edu (Allen J Michielsen) (02/13/90)
In article <9532@masscomp.ccur.com> daly@masscomp.UUCP (Patrick Daly) writes: >In article <1990Feb7.155852.29068@ncsuvx.ncsu.edu> deal-jc@cscosl.UUCP (James C. Deal) writes: >[text deleted] >>taking the case apart to get at the software. > ^^^^^^^^^^^^^^^^^^^^^ >But just in case you run into people who do pull it apart, keep this in mind: >As an optional method of preventing someone from messing around with your >system, you might consider going with something low tech but effective. ....more While I'm not making any adds here for computer acessory vendors...... To 'protect' my hard disk & system from 'casual' 'playing' & unauthorized use, I have done the following. I purchased a lock box that goes over the power paddle of all IBM & same clone style cases. It requires a key to open to turn the power on (or off -- excluding unplugging it). It also has a flap on it, which covers 2 of the screws on the back, which as long as the case is not flip top, will not allow the system box to be opened with out a key. (of course - it's possible, but I mean with out obvious damage). Further the KEY used is a double sided key, which I gave up trying to pick after playing with it for over an hour one lunch time. (unlike most office cabinet keys which can .........). I also have seen adds for bios roms for xt clones which add the ps/2 password capability, at the expense for a new rom version. al
cmp8118@sys.uea.ac.uk (D.S. Cartwright) (02/13/90)
daly@masscomp.ccur.com (Patrick Daly) writes: >But just in case you run into people who do pull it apart, keep this in mind: > [ ... bits and pieces concerning bolting A to B to C deleted ... ] >Finally, the cabinet itself can be bolted down to a desk if you're >afraid someone will walk away with the whole thing. Yes ... then you find someone daft enough to walk off with the desk .... !!!!! @ }:^) @ Dave C, Department for the Prevention of the Stealing of Desks, UEA, Norwich. [Well, that's a lie actually ... it's actually the School of Information Systems ...]