Search the FAQ Archives

3 - A - B - C - D - E - F - G - H - I - J - K - L - M
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
faqs.org - Internet FAQ Archives

Win95 FAQ Part 7 of 14: Networking
Section - 7.7. Win95 has (this security bug). How do I fix...

( Part1 - Part2 - Part3 - Part4 - Part5 - Part6 - Part7 - Part8 - Part9 - Part10 - Part11 - Part12 - Part13 - Part14 - Single Page )
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Business Photos and Profiles ]


Top Document: Win95 FAQ Part 7 of 14: Networking
Previous Document: 7.6. How do I use these cool networking features...
Next Document: 7.8. Visiting Rich Graves' Win95NetBugs site for details
See reader questions & answers on this topic! - Help others by sharing your knowledge
     * 7.7.1. ...the "cancel" button on the login window? 
       
   You can demand log in for Win95 access, through system policies,
   if you use a central security provider with a Win95 client. This way,
   a failed log in or a canceled log in will give "Unable to log you in"
   errors. Be warned: CTRL-ESC at a login prompt will bring up the task
   manager, so you will also want to remove TASKMAN.EXE from that
   computer. Windows NT does not exhibit this bug, so if you're really
   paranoid about this bug you should consider using NT instead.
   
   Win95 is not as secure as Windows NT, but some other security measures
   will prove useful enough to keep the bad guys out. These include:
     * Remove the floppy drive from the computer once you install Win95
     * Disable REGEDIT.EXE via system policies, and rely on
       Remote Administration
     * Remove TASKMAN.EXE from the system; the task bar replaces it
       anyway
     * If you insist on keeping the floppy drive in the computer, force
       it (through BIOS setup) to always boot from Drive C.
       Password-protect your BIOS setup too.
     * Edit MSDOS.SYS to prevent Safe Mode booting, force the system to
       always boot into Win95 on power-up, and to set the boot delay to
       zero.
     * Hide components of the Control Panel, such as Network, via
       system policies. You can hide quite a few Desktop components
       via system policies too. Check them out.
         * 7.7.2. ...the Samba bug I heard about? 
       
   Install Service Pack 1. Or just disable the binding to File &
   Print Sharing for MS Networks to TCP/IP. Bring up TCP/IP properties
   for each net card, hit "Bindings", and turn off the binding to FPS for
   MS networks.
   
   Microsoft claims this bug happens when Samba clients issue "Illegal
   network commands" to the computer acting as a server. Fact is, this
   bug was in WFWG originally, and I suspect it's even in NT Server!
   Rich Graves has all the gory details. Microsoft seems to have
   many troubles with Samba clients and servers; there was even a Client
   for MS networks update in Service Pack 1 that fixed troubles with
   Win95 accessing a Samba server.

     * 7.7.3. ...the password caching bug? 
       
   Install Service Pack 1 or disable password caching via
   system policies.

     * 7.7.3.1. How do I disable password caching? 
       
   Password caching only happens if you have a Win95 network client
   installed, OR you have User Profiles enabled on a stand alone
   computer.
   
   The clients for NetWare and NT have separate caching restrictions
   (such as "Prevent caching of log on password") you can use, or you can
   disable password caching entirely, in the Network section of POLEDIT.

     * 7.7.3.2. How do I enable user level access to eliminate the need
       to cache passwords? 
       
   Read all about it in User level security. You will need a central
   security provider (like an NT domain or NetWare server) for this
   though.
   

User Contributions:

Comment about this article, ask questions, or add new information about this topic:

CAPTCHA




Top Document: Win95 FAQ Part 7 of 14: Networking
Previous Document: 7.6. How do I use these cool networking features...
Next Document: 7.8. Visiting Rich Graves' Win95NetBugs site for details

Part1 - Part2 - Part3 - Part4 - Part5 - Part6 - Part7 - Part8 - Part9 - Part10 - Part11 - Part12 - Part13 - Part14 - Single Page

[ Usenet FAQs | Web FAQs | Documents | RFC Index ]

Send corrections/additions to the FAQ Maintainer:
gordonf@intouch.bc.ca





Last Update March 27 2014 @ 02:12 PM