Win95 security

Larry Baerveldt baervldt at hanover.edu
Thu Sep 26 15:52:15 EDT 1996


At 12:46 PM 9/26/96 -0700, you wrote:
>don't want them getting into.  The main thing we'd like to prevent that 
>doesn't seem possible with IKIOSK is access to DOS.  As it stands, the 
>students can still shut down the PC and restart it in MS-DOS mode.  Does 
>anyone know of a free or shareware program that could block access to the 
>"restart in MS-DOS mode" function?

You don't mention whether you're using Win 95 or not. Assuming you are, there
is a way to block the user from booting to the DOS prompt in Win 95. 

There's a file in the root directory of Win 95 called MSDOS.SYS that controls
this. Using the attrib function, remove the read-only, hidden and system 
attributes from the file, then edit it using any ascii editor. Find the
[Options]
section and change the line Bootkeys to read "Bootkeys=0" (without the quote
marks, of course). If the line isn't there, add it. Save MSDOS.SYS and reset the
read-only, system and hidden attributes. This should prevent the user from
breaking out of the Win 95 startup. I've tested it and it seems to work.

This and other security features using just the programs and functions built
into Win 95 are described by Richard Turner in the User-to-User section of
PC Magazine, July 1996, pp.357-358. I found his article very useful in 
protecting our own machines.


Larry Baerveldt
Reference Coordinator and Systems Librarian
Duggan Library
Hanover College
Hanover, IN  47243

Email: baervldt at hanover.edu
Phone: 812-866-7166
Fax: 812-866-7172
URL: http://www.hanover.edu/Library/



More information about the Web4lib mailing list