pallidin
asked on
Emergency Lockout
Win98se computer.
Stand-alone/not networked except for ISP.
I have been asked to restrict access to all files, as the "manager" has been fired and yet other, responsible individuals, need to use the system.
How can I password protect(for the use of those responsible employees') the Win98se computer in the most effective way without the issue of the prior manager "slipping in" and thwarting through .pwl password deletion and such things?
Thanks
Stand-alone/not networked except for ISP.
I have been asked to restrict access to all files, as the "manager" has been fired and yet other, responsible individuals, need to use the system.
How can I password protect(for the use of those responsible employees') the Win98se computer in the most effective way without the issue of the prior manager "slipping in" and thwarting through .pwl password deletion and such things?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Excellent info, indeed!!!!! Will wait for any more.
Change the lock on the door. Step 1
Remove the floppy drive.
Bios password the computer
Put a keyboard lock on the computer
Use a removable hard drive
Move the pc to a secure area till things
blow over.
Bios password the computer.
Post guards
Remove the floppy drive.
Bios password the computer
Put a keyboard lock on the computer
Use a removable hard drive
Move the pc to a secure area till things
blow over.
Bios password the computer.
Post guards
Hehe... I think you get the picture - it can't be done with the O/S....
Unless third-party software is an option, you need to keep the individual away from the computer.
Regards
/RID
Unless third-party software is an option, you need to keep the individual away from the computer.
Regards
/RID
While you figure out a long term solution, this "quick and dirty" method is easy to
install. I suggested it as an answer to another EE question, but it was not
accepted as an answer. Since then I have installed it on my system and it works great!
It consists of a simple modification to AUTOEXEC.BAT that uses the DOS CHOICE command
to call a free DOS POWER OFF utility from the Netherlands.
So far I haven't noticed any
malicious code in the utility.
The idea is that most of us don't need a high-powered password method. We just
want something that will protect our system from intrusive guests or baby sitters.
The usual SHUTDOWN commands (RUNDLL and RUNDLL32) won't work because they run
from Windows and at LOGON time the system is still in DOS. This tiny utility
may work for you. Sure, it is only a single-digit
password, but you have an
enormous number of characters to choose from. Also, it
provides additional protection
in two ways:
1. It isn't obvious that the system is waiting for a password;
2. It is impossible to guess, because the system shuts down with power off.
Here is the thread here at Experts Exchange:
https://www.experts-exchange.com/questions/20304813/I-need-to-password-protect-my-computer.html
install. I suggested it as an answer to another EE question, but it was not
accepted as an answer. Since then I have installed it on my system and it works great!
It consists of a simple modification to AUTOEXEC.BAT that uses the DOS CHOICE command
to call a free DOS POWER OFF utility from the Netherlands.
So far I haven't noticed any
malicious code in the utility.
The idea is that most of us don't need a high-powered password method. We just
want something that will protect our system from intrusive guests or baby sitters.
The usual SHUTDOWN commands (RUNDLL and RUNDLL32) won't work because they run
from Windows and at LOGON time the system is still in DOS. This tiny utility
may work for you. Sure, it is only a single-digit
password, but you have an
enormous number of characters to choose from. Also, it
provides additional protection
in two ways:
1. It isn't obvious that the system is waiting for a password;
2. It is impossible to guess, because the system shuts down with power off.
Here is the thread here at Experts Exchange:
https://www.experts-exchange.com/questions/20304813/I-need-to-password-protect-my-computer.html
And here are the modifications to AUTOEXEC.BAT
I have tested this for Windows 98:
@ECHO OFF
CLS
REM Updated 20020529
ECHO This batch program will drive would-be intruders crazy!
ECHO .
ECHO Do not run this program from Windows or as a standalone utility
ECHO .
ECHO Instead, copy the code to the beginning of AUTOEXEC.BAT
ECHO but delete these comments beginning with "Updated" down to "CHOICE".
ECHO Also, delete all of the "REM". Change ~ to any password character.
ECHO .
ECHO Be sure to use the WINDOWS version of AUTOEXEC.BAT insted of the
ECHO "Restart to DOS" version.
ECHO .
ECHO When your computer arrives at AUTOEXEC.BAT, it is still in DOS.
ECHO RUNDLL or RUNDLL32 will run ONLY in Windows.
ECHO .
ECHO This batch program uses the free "POWEROFF.EXE" program to shutdown
ECHO your computer. Be sure to test that the hard drive will not be
ECHO corrupted. Test for corruption with SCANDISK or NORTON DISK DOCTOR.
ECHO .
ECHO Download: http://elektron.et.tudelft.nl/~witteman/PowerOff.html
ECHO .
PAUSE
EXIT
CHOICE /N /C:~! /T:!,05 ?
IF ERRORLEVEL 2 GOTO ABORT
GOTO OKTORUN
:ABORT
REM PW failed - Shutdown
C:\SYS\CMDS\POWEROFF.EXE
:OKTORUN
REM PW worked
I have tested this for Windows 98:
@ECHO OFF
CLS
REM Updated 20020529
ECHO This batch program will drive would-be intruders crazy!
ECHO .
ECHO Do not run this program from Windows or as a standalone utility
ECHO .
ECHO Instead, copy the code to the beginning of AUTOEXEC.BAT
ECHO but delete these comments beginning with "Updated" down to "CHOICE".
ECHO Also, delete all of the "REM". Change ~ to any password character.
ECHO .
ECHO Be sure to use the WINDOWS version of AUTOEXEC.BAT insted of the
ECHO "Restart to DOS" version.
ECHO .
ECHO When your computer arrives at AUTOEXEC.BAT, it is still in DOS.
ECHO RUNDLL or RUNDLL32 will run ONLY in Windows.
ECHO .
ECHO This batch program uses the free "POWEROFF.EXE" program to shutdown
ECHO your computer. Be sure to test that the hard drive will not be
ECHO corrupted. Test for corruption with SCANDISK or NORTON DISK DOCTOR.
ECHO .
ECHO Download: http://elektron.et.tudelft.nl/~witteman/PowerOff.html
ECHO .
PAUSE
EXIT
CHOICE /N /C:~! /T:!,05 ?
IF ERRORLEVEL 2 GOTO ABORT
GOTO OKTORUN
:ABORT
REM PW failed - Shutdown
C:\SYS\CMDS\POWEROFF.EXE
:OKTORUN
REM PW worked
A locked door is the best security solution. How can this employee get in there without being noticed? Have you changed the locks? If so, you don't have to worry about after-hours access. You also shouldn't have to worry about working-hour access if everyone knows the employee has been fired and is working around the computer.
Have used Lockit! for several years on a computer in a public place without any unwanted useage. It's free and available at;
http://kfsoft.cjb.net/
http://kfsoft.cjb.net/
ASKER
Greetings,
I appreciate everyones comments. Of course, I agree with the suggestions regarding changing locks, etc...
In this case, the problem was that the individual "manager" was put on "administrative leave" and therefore not fired, and no specific security measures were implemented.
After I posted the Q, the board decided to at least change the code on the alarm system, which left my Q somewhat moot. Even still, I was most interested in an answer.
In this case, I feel that both stevenlewis and MrBillsMe provided great info(everyone else had great advise as well). So, would like to split points between the two.
Thanks
I appreciate everyones comments. Of course, I agree with the suggestions regarding changing locks, etc...
In this case, the problem was that the individual "manager" was put on "administrative leave" and therefore not fired, and no specific security measures were implemented.
After I posted the Q, the board decided to at least change the code on the alarm system, which left my Q somewhat moot. Even still, I was most interested in an answer.
In this case, I feel that both stevenlewis and MrBillsMe provided great info(everyone else had great advise as well). So, would like to split points between the two.
Thanks
Sounds good with me
One additional suggestion, maybe this is a good time to make a "plan" as to what will be the actions to take for different "levels" of employees. Nothing like a real situation to deliver the punch needed to push through changes.
And of course the disaster plan is up to date also. This is but one kind of "disaster".
Good Luck and hope all works out well.
ITsy
One additional suggestion, maybe this is a good time to make a "plan" as to what will be the actions to take for different "levels" of employees. Nothing like a real situation to deliver the punch needed to push through changes.
And of course the disaster plan is up to date also. This is but one kind of "disaster".
Good Luck and hope all works out well.
ITsy
ASKER
OK, I want to split points as per my last comment. What do I do?
post a zero point question in community support
https://www.experts-exchange.com/commspt/
asking them for help in this
be sure to include a link to this question in the body of your question there
https://www.experts-exchange.com/commspt/
asking them for help in this
be sure to include a link to this question in the body of your question there
I would suggest that the only way the old manager would be able to get to if it would be over the internet if he knows how. so it would not do anyharm at all to get some kind of software firewall (if you dont have it already) to go along with the normal file protection stuff. This will should make sure that no electronic intrusion can occur from outside the office and is always a good investment.
ASKER
Good call, Griffon. And steven, I will do that.
Greetings, I have split points for you as you requested in your Community Support questions.
Points for MrBillisMe -> https://www.experts-exchange.com/jsp/qShow.jsp?qid=20310081
Moondancer - EE Moderator
Points for MrBillisMe -> https://www.experts-exchange.com/jsp/qShow.jsp?qid=20310081
Moondancer - EE Moderator
Thanks Moondancer!
Steve
Steve
Always happy to help. :)
ASKER