Solved

Enable network adapter via script w/out registry access

Posted on 2006-11-02
3
1,456 Views
Last Modified: 2013-12-04
I came accross a problem recently that really peaked my interest (http://www.experts-exchange.com/Q_22045531.html).  In short they disabled the network adapter on a remotely hosted Server 2003 were looking for a way to reenable it via a script to be run at startup.  Their solution in the end was to restore from backup but I'm left with 2 questions as a result:

1.  Assuming someone has unfettered access to the filesystem but no access to the registry or OS is there a way to have files execute at startup by copying files to the appropriate location, giving files copied over the appropriate names, or editing existing files, or something similar?

2.  How do you prevent this if it is possible?
0
Comment
Question by:CharliePete00
  • 2
3 Comments
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 17863868
In that case they were using a linux rescue CD with limited or no ability to write to the registry or NTFS drive. There are other linux rescue CD's that have that ability. If you have physical access, the scripts and screen savers mentioned will work also, to ease things a bit, take the HD out of that pc, and place it in another M$ pc as a second partition, you can easily change anything you want (other than the registry but it is possible), copy new .scr file, place a file/script in the "startup" directory of the account you'd log in as (c:\doc's and settings\user_name\Start Menu\Programs\Startup) and it will execute.
-rich
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 17863874
Prevention, don't shut off your only nic... or encrypt the HD fully. EFS cannot do this, but there are lots of 3rd party apps and HD's that can do this. Prevent unauthorized physical access to the PC. Have your hosting service place a second NIC in the PC, it should plug and play, and likely get DHCP address, unless it's a static IP.
-rich
0
 
LVL 7

Author Comment

by:CharliePete00
ID: 17867993
Thanks Rich, after I was well into helping I got to thinking that if you could enable a device via a startup script you could also do other things like add an account, reset passwords, install apps, etc.  and the whole idea didn't seem so good anymore...You're right physically securing the server is really the only way to go with ecrypting the partition as a good second.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question