Leonard Miyata wrote:
>
> As far as NTFS and (isolated host) C2 ratings, one of the requirements
> is no floppy drive. Unlike the DOS file system (FAT16), NTFS does
> support multiple user access control bindings. I understand that there
> exists a DOS utility to read NTFS partitions. If you have access to the
> NT machine, you reboot with a DOS system floppy disk, and with this
> utility, you can bypass all NT file access control
>
> Personal Opinions provided by
> Leonard Miyata
> aka leonard @
geminisecure .
com
> Gemini Computers Inc.
>
> On Wed, 25 Sep 1996, Chris Pugrud wrote:
>
> > Close on the C2 rating. NT was rated with NTFS and requires it. What
> > the rating excluded was networking. Although, there has been a lot of
> > noise on here lately that C2 does not cover or include networking. I'll
> > leave that to the pundits.
> >
> > Chris
> >
> > >-----Original Message-----
> > From: Joseph S. D. Yao [SMTP:jsdy @
cospo .
osis .
gov]
> > Sent: Wednesday, September 25, 1996 1:09 PM
> > To: dckinder @
ahcbsd1 .
ovnet .
com
> > Cc: Firewalls Mailing list
> > Subject: Re: NT Security
> > > Date: Fri, 6 Sep 1996 15:28:07 +0000
> > > From: dckinder @
ahcbsd1 .
ovnet .
com
> > > Subject: NT Security
> > ...
> > > So far, however, I have been unable to obtain technical information
> > > on NT-based security questions. I would like to be able to have at
> > > least a journeyman's understanding of this subject as well.
> > >
> > > If somebody could direct me to a website or a book or other source of
> > > information that deals specifically with NT security, I would
> > > appreciate it.
> >
> > When I was putting together some material a couple of years ago, the
> > only source was a few pages out of the huge (and expensive) four-volume
> > Microsoft administrators' reference manual. A quick Web search does
> > turn up:
> >
> > Trusted Systems' Windows NT Security textbook
> > http://somarsoft.com/security.htm
> >
> > and other sporadic network resources. Just enter "Windows NT security"
> > to Alta Vista and watch the resources pop up.
> >
> > Much has been made of NT's "C2" certification. I've heard that it was
> > certified without the standard NT file system; and with that file
> > system, it can't be certified. Beware.
> >
> > --
> > Joe Yao jsdy @
cospo .
osis .
gov - Joseph S. D. Yao
> > COSPO Computer Support EMT-A/B
> > -----------------------------------------------------------------------
> > PLEASE ... send or Cc: all "COSPO Computer Support" mail to
> > sys-adm @
cospo .
osis .
gov
> >
> >Our company is just moving to NT. In the past, when we audited
workstations, it was relatively easy to review the users hard drive for
unsupported software or non company use of resources by using DOS
utilities such as PC TOOLS or NORTON.
Now that a workstation can be secured with a password and NTFS I had
presumed that booting from a floppy and using DOS utilities to scan the
hard drive would not work.
Occasionally, we would audit a pc without the knowledge of the user thus
we would not know the password.
What utility programs would permit an auditor to scan and view in text
format, an entire hard drive including NT File Systems? Will these also
permit the restoration and viewing of deleted files. If files are
password protected or NT encrypted, are you aware of any utilities that
will permit the viewing of the contents of these files?
Stewart Shinewald
References:
|
|
