• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 235
  • Last Modified:

Network service security

Hi,

My question is I want to secure my network service when the computer boot and the network service start then the user enter the user name and password . Means i want a user login and password at the time of the network service start at boot time.

boot start..........service user name/password.....network service start............Administrator/user login.....

Note:I want at boot time password protect
when the computer available to ping other network computer

I have alos posted in the previous but now its some diffrence
http://www.experts-exchange.com/Networking/Q_21806508.html
0
Sam Panwar
Asked:
Sam Panwar
  • 5
  • 3
  • 2
  • +2
1 Solution
 
jabiiiCommented:
WHy not just make a bios password?
0
 
zgrpCommented:
Hello,

As spoken, not a user/password, but set a BIOS password can solve your problem.

Is intersting, to prevent some basic hacks:

- Upgrade the firmware of BIOS to the last version.
- Use a strong password.
- Disable CD-ROM, floppy, USB, ..., if not necessary.

Maybe you can give a try to Protect XP software, it have a evalution version, check it here:

http://www.quartzo.com.br/novo/downxp.htm

Hope this help,

Cheers
0
 
Sam PanwarSr. Server AdministratorAuthor Commented:
No I didn't need BIOS password becaouse its not for service its for system so and i want this for another purpose so please help me ..
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
uberpoopCommented:
ABS,
I read this and your other question.

I am thinking what you want to protect is the network, right?....
like if someone boots up the computer, before the pc is able to ping other pc's, you want the user to enter a password before they can ping.

As stated by others, this cannot be done in XP to any real degree. basically it is impossible.

But, there is network equipment that can make this happen...
Like Cisco Clean Access (CCA)... it is a network appliance...
When a computer is powered up, the network switch senses the link, then CCA will isolate that computer and require either username/password, or certain security checks on the computer, etc....
if the computer doesn't pass the tests, CCA will not allow anything on that port.

an example of similar technology would be wireless access at airports, etc. where before you can surf the web you have to enter the password or money.


obviously this method does not password protect the software network service in the operating system, but achieves basically the same goal.


0
 
zgrpCommented:
Hello,

But do you want it for a specific network service ? Or for any network service like windows share, rpc, database connections, ... ?

Cheers,
0
 
Rich RumbleSecurity SamuraiCommented:
Simple, try the syskey utility.
Start> run... and type in "syskey" press enter, then choose the password to boot. It pauses the OS before any major services start. BTW the network services does starts at the same time as the netlogon service, the netlogon service is responsible for authenticatiing you with the domain or the local SAM.
http://technet2.microsoft.com/WindowsServer/en/Library/5eed7068-f0f8-4650-ad8a-5c74ca6479571033.mspx
-rich
0
 
Sam PanwarSr. Server AdministratorAuthor Commented:
Hi,

Mr. uberpoop

Thank you for your inputs...

But this is possible from window ...I hear abt it

---------------------------------------------
HI zgrp -

window seriice which start when the system boot . like when we able to ping the computer

0
 
Sam PanwarSr. Server AdministratorAuthor Commented:
Hi Rich -

i will tr yand tell you about this ..
0
 
Sam PanwarSr. Server AdministratorAuthor Commented:
Hi Rich -

Its ask password but i want to this ask when the netlogon service start . How to set in the registry ???
0
 
Rich RumbleSecurity SamuraiCommented:
Cannot be done, unless you find a 3rd party program that does this for you. I can find none, nor can i find any real reason for one. If someone had physical access to a PC, the local password can be reset using a boot-floppy, or CD-rom disk. The HD can be removed, or the HD can be read by a CD-rom or floppy and the SAM (local user account, and even cached windows logon credentials) can be taken. http://www.foofus.net/fizzgig/pwdump/

The Syskey password starts before the network service, until that password is entered, you cannot ping that PC.
Good luck
-rich
0
 
uberpoopCommented:
if they have physical access they can plug in a laptop... running anything they want.

but that syskey looks cool... learn somethine new everyday.. .thanks mr rumble!
0
 
Rich RumbleSecurity SamuraiCommented:
NP, that's why I'm #1!
-rich ;p
0
 
Sam PanwarSr. Server AdministratorAuthor Commented:
Hi Mr. Rich ---

Yes I know that If someone had physical access to a PC, the local password can be reset using a boot-floppy, or CD-rom disk.  

Have you any other useful links for window security analysis and some like that ....
 point increase
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 5
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now