act@softserver.canberra.edu.au (Andrew Turner) (04/23/91)
To minimise and manage virusses at our institution I wish to prevent PC's being booted off Drive A: and only permit booting off the Hard Disk. This of course immediately presents a management problem of what to do if the Hard Disk goes bad and I need to boot off a floppy. So ideally any solution needs to address this situation. Two possibilities spring to mind: a. Use of a ROM. This would sit in the appropriate address space and be detected during the BIOS boot. The code would need to at least prevent floppy boots and desirably check for a floppy with a particular label and if detected permit the floppy boot. This would overcome the problem of a clobbered hard disk. b. Use of hardware modifications connected to a key switch mounted on the case which would be used to enable/disable floppy boots. On our machines the keyboard lock could be used for this purpose. If you have a solution that does not address all the problems still respond. ALL suggestions help welcome. For option a., actual code and/or technical specs would be appreciated. For option b., specific details please. We run both Wyse 286's and PROTECH 386sx's(towers) all with hard disks. If I get a meaningful response I'll post a summary. -- Andrew Turner :-) | E-mail : act@csc.canberra.edu.au Comp. Services Centre | +61 6 2522414 / +61 6 2522401 University of Canberra |________________ fax +61 6 2522400 P.O. Box 1 BELCONNEN ACT 2616 AUSTRALIA |
B.C.Phillips@massey.ac.nz (B.C.M. Phillips) (05/01/91)
Hi, another suggestion that you may not be looking at that is quite cheap but does what you want is SECUREIT form Fresh Technologies. It is software security program that gives Password Protection to multiple possible user of the system, and it can allow you to section off parts of the disk(s) for access to certain users only. In its options it will/won't allow the user to boot off a floppy ( and therefore by-pass the security ), but it will allow a boot from the install disk so the installer can change the configuration if they need to boot from the floopy. Sounds good but its only a software fix you say?! Well when I was hacking around with it I somehow dis something major and then I could not reboot from floppy, as I had all the options installed. Well instead of being a weenie and reading the manual, I hacked and hacked it, finally resorting to formating the hard drive, and the damn thing was still on the boot disk, and not letting me reboot from floopy. OK so I then read the manual and fixed it in 5 mins. So I think its a pretty good product for the cost and the ease of use and what it will do for you. Cheers Brenden. B.C.Phillips@massey.ac.nz #include <std_disclaimer.h> BTW - they also make a nice Novell product that lets the supervisor see/type onto the screen of another station in realtime - Great if you don't like walking or its raining out there!! :)