Solved

Emergency Lockout

Posted on 2002-06-01
18
228 Views
Last Modified: 2013-12-28
Win98se computer.
Stand-alone/not networked except for ISP.
I have been asked to restrict access to all files, as the "manager" has been fired and yet other, responsible individuals, need to use the system.
How can I password protect(for the use of those responsible employees') the Win98se computer in the most effective way without the issue of the prior manager "slipping in" and thwarting through .pwl password deletion and such things?

Thanks
0
Comment
Question by:pallidin
  • 5
  • 3
  • 2
  • +6
18 Comments
 
LVL 41

Accepted Solution

by:
stevenlewis earned 150 total points
ID: 7049229
Take a look at these

QUOTE

Folder Guard helps you to keep sensitive files and folders safe and secure on your computer. It's highly

configurable and very easy to administer, with excellent documentation readily available. An Explorer-style

interface allows you to easily select folders to protect. You can choose to hide the contents of individual

folders, tag folders and contents as read-only, or render them unavailable and totally invisible. The

features work not only in Explorer, but also in any file dialog in other applications. The main program

is protected by an administrative password, and you can assign individual passwords to gain access to

protected folders. A separate program is included to let you quickly toggle the protection on and off.

Reviewed on May 17 2000.

UNQUOTE

http://www.zdnet.com/downloads/stories/info/0,10615,27466,00.html



QUOTE

Sentinel is an interesting security utility you can use to apply very specific restrictions to files

on your PC. It runs from the system tray, enforcing restictions you've imposed on selected files and

folders. The specific security options are available from a new tab the program adds to the Properties

dialog box you can access by right-clicking any file or folder in Explorer. You can log and/or deny

access to any unauthorized user that attempts to open, read, and/or write to files, and you can deny

access to the contents of selected folders. An available control panel allows you to toggle this functionality

on and off, and turn it off for a specific period of time. Other features include stealth mode and logging

support. Sentinel is a snap to use, and provides the power and versatility you need to protect your

sensitive data files.

UNQUOTE

http://www.zdnet.com/downloads/stories/info/0,10615,49671,00.html



QUOTE

Encryption Plus? Folders Freeware is a fast easy-to-use program that performs on-the-fly encryption.

You just put your confidential files in a single folder and point-and-click. You don't have to think

about security or remember anything except your password. Folders Freeware does all the work behind

the scenes, encrypting and decrypting your files automatically and transparently as you use them. Super

easy-to-use. Windows 95/98/ME and Windows NT/2000 compatible. Full-featured versions of Encryption Plus?

for Folders are available for purchase in Standard and Enterprise editions.

UNQUOTE

http://www.pcguardian.com/folders_download/index.htm



Windows Security Toolkit

QUOTE

Restrict Access to Passwords Settings, Restrict Access to Network Settings, Restrict Access to Display

Settings, Restrict Access to Device Manager, Restrict Access to Hardware Profiles , Restrict Access

to Virtual Memory Setting, Restrict Access to File System Setting, Restrict Access to Printer Setting,

Restrict User from adding Printer, Restrict User from deleting Printer, Hide Printers General and Details

Pages, Hide System Settings Control Panel, Restrict Access to Modem Settings, Restrict Access to Regional

Settings, Restrict Access to Internet Settings, Restrict Access to Multimedia Settings, Restrict Access

to Add/Remove Programs, Restrict Access to Power Management, Hide All items on the desktop, Remove Favorites

Folder from the Start Menu, Remove Documents Folder from the Start Menu, Hide the task bar settings

from the Start Menu, Remove Find Command from the Start Menu, Restrict changes to enabled Active Desktop,

Disable use of Active Desktop Feature, Clear the recent Documents when Windows Exits, Disable Modification

of Start Menu, Remove the Run Command from the Start Menu, Remove the Folders from the Start Menu, Remove

the Help Option from the Start Menu, Disable File Sharing over the network, Disable Printer Sharing

over the network, Hide Shared Passwords With Asterisk, Disable Save Password Option in DUN-NT, Don't

display Username on logging in NT, Disable Caching of NT Domain Password, Hide Workgroup Content from

Network Neighborhood, Remove Entire Network from Network Neighborhood,Fix DHCP Security Bug in Windows

9x/NT/2000 to stop hackers from accessing your system, Hacker Guard - Disables Hackers from using a

modem to access the Internal Network, Disable MS-DOS mode in windows, Disable use of real mode Dos

Applications, Reset the Content Advisor and Ratings Password, Disable Internet Explorer Content and

Ratings Advisor, Restrict User from changing Internet Explorer Advanced Settings, Restrict User from

Accessing your personal profiles in Internet Explorer, Restrict User from Accessing Information from

your Internet Explorer Wallet, Disable ability to run registry editing tools, Disable Windows Password

caching ability, Restrict access to event logs in Windows NT and 2000, Disable use of Windows Hot Keys.

UNQUOTE

http://sensor.hypermart.net/winsecure.htm




iProtect Offers Serious PC Protection

QUOTE

Upgraded software locks, encrypts, hides, and even shreds your files. But don't not forget your password.


To paraphrase an old saying, just because you're paranoid doesn't mean someone's not after you. Or your

files.

Whether you are paranoid or just being cautious, a company called International Software Solutions wants

to help. It offers a product called iProtect, a Windows-based software utility that can, with a couple

of clicks, lock, encrypt, hide or shred files right on your desktop computer. iProtect keeps them confidential

and prevents accidental deletion. "It's a good little tool for the end user," says Diana Kelley, senior

security analyst at the Hurwitz Group.

UNQUOTE

http://www.rapidcontent.com/netscape/chn/990901.x.0.pcworld.p.a.serious.html



Magic Folders

QUOTE

Your invisible folders and files can't be deleted, viewed, modified, or run. For all practical purposes

they don't exist. Use Magic Folders to protect your finances, taxes, business and personal documents.

Others won't know these files exist and they won't be able to accidentally delete or modify them either.

With Magic Folders you can turn your computer over to your children or co-workers without worrying if

they'll delete, modify or view important files.

UNQUOTE

http://www.pc-magic.com/des.htm



Steganos 3 Security Suite

QUOTE

02-23-2001 - The Steganos 3 Security Suite is a complete, easy to use security package. Steganos encrypts

and conceals your data. The Steganos Safe is your secure hard drive, which disappears at the click of

a button. Includes: Internet Trace Destructor, file shredder, e-mail encryption, password manager, and

computer locking

UNQUOTE

http://www.steganos.com/en/


Winlock is now freeware

QUOTE

Major features of WinLock:

Lock Windows at system boot

Lock Windows at suspend

Lock, Suspend or Shutdown easily with once click

Powerful schedule Shutdown/Restart/Suspend system

Autosave applications on Shutdown time

Autorun saved applications when system start

Autorun any applications when system start

Advanced power management

Windows List with Show/Minimize/Maximize/Hide functions

Process list with Icon/ID/Type/Priority/Kill functions

Powerful administration tools

UNQUOTE

http://winlock.virtualave.net/


Other considerations

http://www.scramdisk.clara.net/

http://www.e4m.net/

http://www.fortunecity.com/skyscraper/true/882/SecureTrayUtil.htm




0
 
LVL 3

Author Comment

by:pallidin
ID: 7049240
Excellent info, indeed!!!!!  Will wait for any more.
0
 
LVL 3

Author Comment

by:pallidin
ID: 7049242
Excellent info, indeed!!!!!  Will wait for any more.
0
 
LVL 3

Expert Comment

by:ITsheresomewhere
ID: 7049264
Change the lock on the door.  Step 1

Remove the floppy drive.

Bios password the computer

Put a keyboard lock on the computer

Use a removable hard drive

Move the pc to a secure area till things
blow over.

Bios password the computer.

Post guards

0
 
LVL 31

Expert Comment

by:rid
ID: 7049267
Hehe... I think you get the picture - it can't be done with the O/S....
Unless third-party software is an option, you need to keep the individual away from the computer.

Regards
/RID
0
 
LVL 3

Expert Comment

by:pleasenospam
ID: 7049273
While you figure out a long term solution, this "quick and dirty" method is easy to
install.  I suggested it as an answer to another EE question, but it was not
accepted as an answer.  Since then I have installed it on my system and it works great!
It consists of a simple modification to AUTOEXEC.BAT that uses the DOS CHOICE command
to call a free DOS POWER OFF utility from the Netherlands.
So far I haven't noticed any
malicious code in the utility.

The idea is that most of us don't need a high-powered password method.  We just
want something that will protect our system from intrusive guests or baby sitters.

The usual SHUTDOWN commands (RUNDLL and RUNDLL32) won't work because they run
from Windows and at LOGON time the system is still in DOS.  This tiny utility
may work for you.  Sure, it is only a single-digit
password, but you have an
enormous number of characters to choose from.  Also, it
provides additional protection
in two ways:

1. It isn't obvious that the system is waiting for a password;
2. It is impossible to guess, because the system shuts down with power off.

Here is the thread here at Experts Exchange:

http://www.experts-exchange.com/win98/Q_20304813.html



0
 
LVL 3

Expert Comment

by:pleasenospam
ID: 7049275
And here are the modifications to AUTOEXEC.BAT

I have tested this for Windows 98:

@ECHO OFF
CLS
REM Updated 20020529
ECHO This batch program will drive would-be intruders crazy!
ECHO .
ECHO Do not run this program from Windows or as a standalone utility
ECHO .
ECHO Instead, copy the code to the beginning of AUTOEXEC.BAT
ECHO but delete these comments beginning with "Updated" down to "CHOICE".
ECHO Also, delete all of the "REM".  Change ~ to any password character.
ECHO .
ECHO Be sure to use the WINDOWS version of AUTOEXEC.BAT insted of the
ECHO "Restart to DOS" version.
ECHO .
ECHO When your computer arrives at AUTOEXEC.BAT, it is still in DOS.
ECHO RUNDLL or RUNDLL32 will run ONLY in Windows.
ECHO .
ECHO This batch program uses the free "POWEROFF.EXE" program to shutdown
ECHO your computer.  Be sure to test that the hard drive will not be
ECHO corrupted.  Test for corruption with SCANDISK or NORTON DISK DOCTOR.
ECHO .
ECHO Download: http://elektron.et.tudelft.nl/~witteman/PowerOff.html
ECHO .
PAUSE
EXIT
CHOICE /N /C:~! /T:!,05 ?
IF ERRORLEVEL 2 GOTO ABORT
GOTO OKTORUN
:ABORT
REM PW failed - Shutdown
C:\SYS\CMDS\POWEROFF.EXE
:OKTORUN
REM PW worked

0
 
LVL 23

Expert Comment

by:slink9
ID: 7049375
A locked door is the best security solution.  How can this employee get in there without being noticed?  Have you changed the locks?  If so, you don't have to worry about after-hours access.  You also shouldn't have to worry about working-hour access if everyone knows the employee has been fired and is working around the computer.
0
 
LVL 9

Expert Comment

by:MrBillisMe
ID: 7049811
Have used Lockit! for several years on a computer in a public place without any unwanted useage. It's free and available at;
http://kfsoft.cjb.net/
0
Free book by J.Peter Bruzzese, Microsoft MVP

Are you using Office 365? Trying to set up email signatures but you’re struggling with transport rules and connectors? Let renowned Microsoft MVP J.Peter Bruzzese show you how in this exclusive e-book on Office 365 email signatures. Better yet, it’s free!

 
LVL 3

Author Comment

by:pallidin
ID: 7054869
Greetings,
I appreciate everyones comments. Of course, I agree with the suggestions regarding changing locks, etc...
In this case, the problem was that the individual "manager" was put on "administrative leave" and therefore not fired, and no specific security measures were implemented.
After I posted the Q, the board decided to at least change the code on the alarm system, which left my Q somewhat moot. Even still, I was most interested in an answer.
In this case, I feel that both stevenlewis and MrBillsMe provided great info(everyone else had great advise as well). So, would like to split points between the two.

Thanks
0
 
LVL 3

Expert Comment

by:ITsheresomewhere
ID: 7055186
Sounds good with me

One additional suggestion, maybe this is a good time to make a "plan" as to what will be the actions to take for different "levels" of employees.  Nothing like a real situation to deliver the punch needed to push through changes.

And of course the disaster plan is up to date also.  This is but one kind of "disaster".

Good Luck and hope all works out well.

ITsy
0
 
LVL 3

Author Comment

by:pallidin
ID: 7063587
OK, I want to split points as per my last comment. What do I do?
0
 
LVL 41

Expert Comment

by:stevenlewis
ID: 7065584
post a zero point question in community support
http://www.experts-exchange.com/commspt/
asking them for help in this
be sure to include a link to this question in the body of your question there
0
 
LVL 2

Expert Comment

by:Griffon
ID: 7067258
I would suggest that the only way the old manager would be able to get to if it would be over the internet if he knows how. so it would not do anyharm at all to get some kind of software firewall (if you dont have it already) to go along with the normal file protection stuff. This will should make sure that no electronic intrusion can occur from outside the office and is always a good investment.
0
 
LVL 3

Author Comment

by:pallidin
ID: 7068325
Good call, Griffon. And steven, I will do that.
0
 
LVL 1

Expert Comment

by:Moondancer
ID: 7068818
Greetings, I have split points for you as you requested in your Community Support questions.

Points for MrBillisMe -> http://www.experts-exchange.com/jsp/qShow.jsp?qid=20310081

Moondancer - EE Moderator
0
 
LVL 41

Expert Comment

by:stevenlewis
ID: 7071736
Thanks Moondancer!
Steve
0
 
LVL 1

Expert Comment

by:Moondancer
ID: 7071747
Always happy to help. :)
0

Featured Post

The curse of the end user strikes again      

You’ve updated all your end user’s email signatures. Hooray! But guess what? They’re playing around with the HTML, adding stupid taglines and ruining the imagery. Find out how you can save your signatures from end users today.

Join & Write a Comment

Several part series to implement Internet Explorer 11 Enterprise Mode
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now