about Peter Davis+Assoc.
Security & Audit
Windows NT Server
One Bite At A Time
Denial of Service Security Features - Part 1
Denial of Service Security Features - Part 2
Reflexive Access Lists
Dysfunctional Controls: Useless, Impractical, Inefficient and Poorly-Designed
TCPA: Who Can You Trust?
When Getting the Audit Done Is the Only Thing
Palladium: Friend or Foe?
Commentary: Quis Custodiet Ipsos Custodes?
Data Management: Data Destruction and Preservation
- Security &
- Top Ten
- Security &
- Computer &
- Security &
- Search Page
Toronto, ON, June 1997
In 1995, Microsoft delivered the
long-awaited Windows 95. As supposedly it was a new
operating system, I anticipated that Microsoft would
build security in to the product. Well, it did and it
didn't. While, there were some built-in security features
provided, they were a far sight from what you might
expect from an operating system in 1995. Windows 95
These things are
promising. Unfortunately with the exception of Windows
NT, Windows' overall security has not kept up with the
value of the data you are storing on your system. All
other versions, including Windows 95, have one or more
gaping holes that can put you at risk to accidental
access or intentional snooping.
Here, then, are some
preliminary thoughts on bettering the security of your
Windows 95 system by controlling some of the more
Create a Startup disk
when installing Windows 95. If you didn't create
a startup disk when you installed your system,
then select the Add/Remove Programs option in the
Control Panel, and click on the Startup Disk tab.
Open the Passwords
applet in the Control Panel, click on the User
Profiles tab, and then click on "Users can
customize their preferences." Use the
Windows 95's Policy Editor from the Resource Kit
to set logon settings and access privileges
differently than the default Windows 95 logon.
Each logon can have individual privileges and
access to different files. You can severely limit
what a default logon can do.
To secure your
application passwords, open the Windows folder,
search for a file with the password extension of
.PWL, and delete the file. When you're prompted
to enter new passwords, ensure you have not
checked the Save Password box. Saving your
password is a sure fire way to ensure that
someone will steal your identity when they get
onto your PC.
Should you insist
upon using share-level security, protect your
directories. You can share a directory and hide
it from the Network Neighborhood browsing list by
adding a $ to the end of its share name (for
The solutions summarized
here are simple; however, the challenge is to discover
them. As I said in my last column, it's not difficult to
do these things. What is difficult is to discover
these solutions in the first place and then strictly
One place to look for
solutions is on the Internet. Start by checking out Microsoft Security Issues. You also might want to try LinkExchange and Windows 95 Help Pages. In addition, try the following
Usenet newsgroups: alt.windows.95.beta, alt.windows95, comp.os.ms-windows.apps.compability.win95, comp.os.ms-windows.apps.utilities.win95, comp.os.ms-windows.networking.win95, comp.os.ms-windows.setup.win95, comp.os.ms-windows.win95.misc, and comp.os.ms-windows.win95.setup. Connect to IRC channels
#Windows95 and #Win95 if you are so bent. Well there,
that should get you started. Oh by the way, if these
sources don't solve your problem, check out alt.os.windows.crash.crash.crash!