Advertising (This ad goes away for registered users. You can Login or Register)

Need help with protecting windows?

Discuss security issues on computers here.
Content that is judged "dangerous" might be removed without prior notice
Post Reply
thekornerkids
Posts: 80
Joined: Sat Sep 29, 2012 3:47 am

Need help with protecting windows?

Post by thekornerkids » Wed Sep 18, 2013 5:31 pm

does any one know how to do the following on windows 7?
-Password Protect the BIOS
-Disable Boot Menu and Sticky Keys
-Block Execution of Command Prompt and Batch
-Restrict DNS LookUp and NetView Results
-Disable File and Http Protocols in Excel

i will be presenting some thing to the head it and would like several solutions that may work planned out.
the above listed things i would like how to do will disrupt the methodology used and hopefully block a vulnerability in their system.

by restricting dns lookup i mean to have a ns1 and ns2 or some thing similar that then works with many sub-domains.
most sites only have ns1 and ns2 but the server in question has over 15 different sub-domains listed.

yes i know that some of these changes will need be made to the server and some will need to be made to each individual terminal computer.
Advertising

User avatar
Xian Nox
Retired Mod
Posts: 2749
Joined: Fri Nov 05, 2010 5:27 pm
Location: Over the hills and far away

Re: Need help with protecting windows?

Post by Xian Nox » Thu Sep 19, 2013 7:27 am

thekornerkids wrote:-Password Protect the BIOS
Has nothing to do with the OS, check the BIOS settings.
thekornerkids wrote:-Disable Boot Menu and Sticky Keys
How to disable sticky keys, first result of Google search
If you mean BIOS boot menu, check the BIOS. If you mean Windows boot menu, here's another google search result.
thekornerkids wrote:-Block Execution of Command Prompt and Batch
Delete/rename cmd.exe, or replace it with dummy program.
thekornerkids wrote:-Restrict DNS LookUp and NetView Results
Router firewall sounds like the most easy way
thekornerkids wrote:-Disable File and Http Protocols in Excel
Not sure if those can be disabled, and honestly I don't see a reason to.
thekornerkids wrote:by restricting dns lookup i mean to have a ns1 and ns2 or some thing similar that then works with many sub-domains.
most sites only have ns1 and ns2 but the server in question has over 15 different sub-domains listed.
I don't understand what you mean.

Are you trying to set up a demo PC? If so, why not just make the demo you're going to run on it capture Alt+F4s?
Advertising

thekornerkids
Posts: 80
Joined: Sat Sep 29, 2012 3:47 am

Re: Need help with protecting windows?

Post by thekornerkids » Thu Sep 19, 2013 4:14 pm

-Disable Boot Menu and Sticky Keys
The control panel doesn't come up though, maybe it's because it's a student account vs a admin account. So once I tell the admin he can do it.

-Block Execution of Command Prompt and Batch
Don't think that would work with executing batch files would it? If we were to rename them then would we need to rename all found in system files? I think there's several exes that open the command prompt like Cmd.exe, command prompt.exe, command.exe

-Disable File and Http Protocols in Excel
The reason id want to do this is because attacks can be carried out through this protocol. I did a DNS look up and found all subdomains made a link to them using excel and now I have read/write access how ever this subdomains has it's access blocked in all other ways that I've tried. In this manner you can access all student and staff data profiles and obviously cause malicious intent or intellectual theft.

What's alt-f4?

User avatar
codestation
Big Beholder
Posts: 1660
Joined: Wed Jan 19, 2011 3:45 pm
Location: /dev/negi

Re: Need help with protecting windows?

Post by codestation » Thu Sep 19, 2013 4:20 pm

thekornerkids wrote: -Block Execution of Command Prompt and Batch
Don't think that would work with executing batch files would it? If we were to rename them then would we need to rename all found in system files? I think there's several exes that open the command prompt like Cmd.exe, command prompt.exe, command.exe
Use the Group Policy Editor, you can block access to the command line and restrict the execution of batch files from there.
Plugin list
Working on: QPSNProxy, QCMA - Open source content manager for the PS Vita
Playing: Error: ENOTIME
Repositories: github, google code
Just feel the code..

User avatar
Xian Nox
Retired Mod
Posts: 2749
Joined: Fri Nov 05, 2010 5:27 pm
Location: Over the hills and far away

Re: Need help with protecting windows?

Post by Xian Nox » Thu Sep 19, 2013 5:01 pm

thekornerkids wrote:-Block Execution of Command Prompt and Batch
Don't think that would work with executing batch files would it? If we were to rename them then would we need to rename all found in system files? I think there's several exes that open the command prompt like Cmd.exe, command prompt.exe, command.exe
cmd.exe for Windows NT-based, command.com for Windows 95-based, iirc.
codestation wrote:Use the Group Policy Editor, you can block access to the command line and restrict the execution of batch files from there.
huh, never knew that. Do these permissions also apply to any copies of cmd.exe?
thekornerkids wrote:-Disable File and Http Protocols in Excel
The reason id want to do this is because attacks can be carried out through this protocol. I did a DNS look up and found all subdomains made a link to them using excel and now I have read/write access how ever this subdomains has it's access blocked in all other ways that I've tried. In this manner you can access all student and staff data profiles and obviously cause malicious intent or intellectual theft.
I'm sorry, I don't understand how these attacks work. Could you explain them in more detail?
If I understand it correctly, it's using the excel open prompt as a file manager. This is not limited to excel though, as said prompt is provided by the OS. I've used this on Word mostly, but it should apply to IE and Firefox as well as pretty much anything with a standard open prompt.
thekornerkids wrote:What's alt-f4?
A common key combination.

thekornerkids
Posts: 80
Joined: Sat Sep 29, 2012 3:47 am

Re: Need help with protecting windows?

Post by thekornerkids » Thu Sep 19, 2013 5:20 pm

If I understand it correctly, it's using the excel open prompt as a file manager. This is not limited to excel though, as said prompt is provided by the OS. I've used this on Word mostly, but it should apply to IE and Firefox as well as pretty much anything with a standard open prompt.
its using excels hyper-linking protocol to directly open a files directory, but this file directory is not-accessible by means of explorers address bar and the file directory is not listed as a remote location.

User avatar
codestation
Big Beholder
Posts: 1660
Joined: Wed Jan 19, 2011 3:45 pm
Location: /dev/negi

Re: Need help with protecting windows?

Post by codestation » Thu Sep 19, 2013 5:26 pm

Xian Nox wrote:Do these permissions also apply to any copies of cmd.exe?.
Just tried it in a VM. The copies give some error and doesn't give a prompt. A renamed cmd.exe in system32 gives the same error. Executing cmd.exe directly gives a blocked message and pressing enter exits cmd.

The group policy editor is a great place to start if one want to restrict things.
Plugin list
Working on: QPSNProxy, QCMA - Open source content manager for the PS Vita
Playing: Error: ENOTIME
Repositories: github, google code
Just feel the code..

thekornerkids
Posts: 80
Joined: Sat Sep 29, 2012 3:47 am

Re: Need help with protecting windows?

Post by thekornerkids » Thu Sep 19, 2013 8:07 pm

if any ones interested i put together a power point detailing to the methodology used
certain parts have been edited how ever as to keep the server anonymous and not compromise security any further
https://docs.google.com/presentation/d/ ... ide=id.p28

User avatar
onnz423
Posts: 147
Joined: Sat Dec 29, 2012 4:25 pm
Location: Finland

Re: Need help with protecting windows?

Post by onnz423 » Tue Nov 12, 2013 8:40 am

thekornerkids wrote: -Password Protect the BIOS
Again does not have anything do with operating system. When you boot your pc you should press delete or F1 i think to get to bios.
thekornerkids wrote: Disable Boot Menu and Sticky Keys
Hmm. Im not sure if this is possible. by locking your bios with password i think that some computers need go from bios to boot menu.
thekornerkids wrote: -Block Execution of Command Prompt and Batch
This is very easily made. Googling "Group policy" Should help


For 2 final questions i dont know answer.
Image
Image
Image
Image

Post Reply

Return to “Security”