Re: Strange security question.

Riki Rendradjaja (rreasv@alam1.lib.co.alameda.ca.us)
Thu, 16 May 1996 17:33:21 -0700

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Cary Gordon: "Re: Strange security question."
• Previous message: Children's Services, Sunnyvale Library: "Strange security question."
• Maybe in reply to: Children's Services, Sunnyvale Library: "Strange security question."
• Next in thread: Cary Gordon: "Re: Strange security question."

Hi JoAnn-
I think if you use a non-standard name for windows directory, hiding the
directory name is good enough. No need to hide the files. Besides we all know
that there is a win.ini file for instance.

Just a little suggestion: be careful when you use hide/readonly attrib,
especially with /s. Also be specific, eg. attrib \trumpet\*.cmd +r.

Riki Rendradjaja
Automation Services, Alameda County Library

************************** Original Message *************************

From: sunlib2@best.com (Children's Services, Sunnyvale Library)
Date: Thu, 16 May 1996 14:53:20 -0700
To: Multiple recipients of list <ip-tec@library.berkeley.edu>
Subject: Strange security question.
Reply-To: ip-tec@library.berkeley.edu

I'm going to have to preface this question with a long story.

I was trying to make all my files hidden, like we learned in the security
workshop. I run windows 3.1 with Direct Access as the shell to keep people
out.

Suddenly, there was some kind of error, the computer froze, and when I
rebooted Direct Access would start up and then freeze with no menu choices
or buttons available. I booted up from my backup floppy, and of course all
the dos files were hidden as well. I used the attrib command to make them
visible, found that nothing would work, and had to dump the whole windows
directory and reload windows. Then Ifound out that I had to reload netscape
and direct access as well, since some of their files were in the windows
directory. This was about three hours of trial and error, since I (used to)
know nothing about DOS.

So last night I tried the hidden thing again. The same thing happened-but
this time as I was tearing my hair out, I noticed that when I went into DOS
and used the attrib -h /s command to make the files unhidden, I got a
message saying that there were threefiles that the -h did not work with-
they were IO.SYS, MSDOS.SYS, and 386SPART.PAR. After a little trial and
error, I found that if I used the attrib command for each to take off the
system, hidden and read only attributes, then put the system attribute back
on, the computer worked fine. And only 15 minutes instead of 3 hours!

My question is: why does making these hidden conflict with Direct Access?
And what can I do about it? If everything on this computer is hidden except
for these three system files, it'll be like a big flag to hackers saying
PLEASE MODIFY THIS.

JoAnn Rees

• Next message: Cary Gordon: "Re: Strange security question."
• Previous message: Children's Services, Sunnyvale Library: "Strange security question."
• Maybe in reply to: Children's Services, Sunnyvale Library: "Strange security question."
• Next in thread: Cary Gordon: "Re: Strange security question."

For information about training, or using materials found on this website, please contact the Infopeople Project Assistant by email at assist@infopeople.org or by phone at 650-578-9685.

© 2008 Infopeople Project. Material on this website is licensed under a Creative Commons License. The Infopeople Project is supported by the U.S. Institute of Museum and Library Services under the provisions of the Library Services and Technology Act, administered in California by the State Librarian.