Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Network scanners that run from a floppy
- Thread starter stavros0
- Start date
Can you boot from the CDROM or Floppy?
If so, take a look at and for some interesting tools.
You might also be able to run nmapNT from a floppy, the file size is about right. Try to test it out. I haven't tried it on XP, and if I remember correctly, you have to have administrator privileges to run it.
What are you trying to protect? A workstation in a public area that is behind your firewall?
pansophic
If so, take a look at and for some interesting tools.
You might also be able to run nmapNT from a floppy, the file size is about right. Try to test it out. I haven't tried it on XP, and if I remember correctly, you have to have administrator privileges to run it.
What are you trying to protect? A workstation in a public area that is behind your firewall?
pansophic
- Thread starter
- #3
Cheers for that.
We're running a network with terminals that have XP running with very little priviledges, ie no access to HDD or CD. so im just checking to see if anyone can run a password cracker or network scanner from the floppy.
I've also found out that even though the c: drive is not accessible the user can still access their "desktop" and save files to it. And win zip will let them run .exes through its unzip window.
Do you know anyway of blocking this?
Ta for the help so far.
S
We're running a network with terminals that have XP running with very little priviledges, ie no access to HDD or CD. so im just checking to see if anyone can run a password cracker or network scanner from the floppy.
I've also found out that even though the c: drive is not accessible the user can still access their "desktop" and save files to it. And win zip will let them run .exes through its unzip window.
Do you know anyway of blocking this?
Ta for the help so far.
S
John the Ripper should be capable of being run from a floppy. It is a command line password cracker that is very fast. You can get the executable at
Do you need to have the floppy drive accessible? You may want to disable it in the BIOS and simply password protect the BIOS.
I would be concerned about someone putting a keystroke logger on the machines more than a password cracker. I'd also be concerned about a sniffer, or someone simply rebooting with their own floppy or CDROM in the drive and it booting from there.
In theory, while you are running XP, the SAM file would not be accessible by the user, so a password cracker is moot. Unless they can run the rdist utility or there are backups of the SAM left on the disk. Or they can read the registry, which may contain passwords as well.
pansophic
Do you need to have the floppy drive accessible? You may want to disable it in the BIOS and simply password protect the BIOS.
I would be concerned about someone putting a keystroke logger on the machines more than a password cracker. I'd also be concerned about a sniffer, or someone simply rebooting with their own floppy or CDROM in the drive and it booting from there.
In theory, while you are running XP, the SAM file would not be accessible by the user, so a password cracker is moot. Unless they can run the rdist utility or there are backups of the SAM left on the disk. Or they can read the registry, which may contain passwords as well.
pansophic
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question