Solved

Enable network adapter via script w/out registry access

Posted on 2006-11-02
3
1,460 Views
Last Modified: 2013-12-04
I came accross a problem recently that really peaked my interest (http://www.experts-exchange.com/Q_22045531.html).  In short they disabled the network adapter on a remotely hosted Server 2003 were looking for a way to reenable it via a script to be run at startup.  Their solution in the end was to restore from backup but I'm left with 2 questions as a result:

1.  Assuming someone has unfettered access to the filesystem but no access to the registry or OS is there a way to have files execute at startup by copying files to the appropriate location, giving files copied over the appropriate names, or editing existing files, or something similar?

2.  How do you prevent this if it is possible?
0
Comment
Question by:CharliePete00
  • 2
3 Comments
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 17863868
In that case they were using a linux rescue CD with limited or no ability to write to the registry or NTFS drive. There are other linux rescue CD's that have that ability. If you have physical access, the scripts and screen savers mentioned will work also, to ease things a bit, take the HD out of that pc, and place it in another M$ pc as a second partition, you can easily change anything you want (other than the registry but it is possible), copy new .scr file, place a file/script in the "startup" directory of the account you'd log in as (c:\doc's and settings\user_name\Start Menu\Programs\Startup) and it will execute.
-rich
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 17863874
Prevention, don't shut off your only nic... or encrypt the HD fully. EFS cannot do this, but there are lots of 3rd party apps and HD's that can do this. Prevent unauthorized physical access to the PC. Have your hosting service place a second NIC in the PC, it should plug and play, and likely get DHCP address, unless it's a static IP.
-rich
0
 
LVL 7

Author Comment

by:CharliePete00
ID: 17867993
Thanks Rich, after I was well into helping I got to thinking that if you could enable a device via a startup script you could also do other things like add an account, reset passwords, install apps, etc.  and the whole idea didn't seem so good anymore...You're right physically securing the server is really the only way to go with ecrypting the partition as a good second.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question