I'm a (noob) administrator of a little network. For business purpose I have some Windows 7 PCs and a 2008 Server.
While doing the setup, something has come to my mind: is it possible for a user without high privileges to install some kind of software using a live usb?
Ok, it's possible to reset admin password, manage partitions, etc. but can someone do that without change admin settings? just putting software in admin's (or else) directory and editing the windows register?
Thanks!
I would say: Yes. If someone manages to boot the machine from a live usb-stick, cd, dvd or whatever, he can:
Mount the disk with the windows-installation.
Read and Write to that disk.
Install software on that disk: Installing software is not much more than copying files from one place to another.
Possibly modify the registry: The registry must also be stored somewhere on the disc. If the user can access that file, he can modify it and therefore modify the registry (its another question if this are valid manipulations).
You can prevent access to the harddisk by using Windows 7 BitLocker.
It is not possible to mount the drive from a live system when it is activated:
Here is a guide how to do this:
BitLocker Guide
Related
Long story short, windows 10 is utterly broken on my laptop after it automatically installed some updates. It's now stuck in a loop which always ends up saying "Undoing changes made to your computer"
I can't get into the BIOS.
I can't get into the Windows Recovery Environment.
Been talking to MS support for far too long so far, so I'm wondering if it's possible to add it as a secondary disk drive to another machine that does work, and manually remove any updates that were installed directly through the filesystem?
The only solution MS were willing to offer was to format the whole drive and re-install windows.
When I moved the HDD into a working windows 7 machine it actually prompted a chkdsk to run over the disk.
It found a whole load of orphaned files, not sure if that was really the cause, but after backing up as many files as I had access to, I put the drive back into the other machine and now it boots.
tl;dr, chkdsk fixed it.
I was stuck in this loop last night
machine configuration : Dell Inspiron
windows 10 (original)
What the one thing you can do is to use an application name Dell usb recovery tool. You will have to format you whole computer be it c:// or any other. You will need an extra hard drive to make a backup.
the process goes like this.
You will have to install the above application on other computer and open it and fill your service tag and make that pen drive bootable with that application.
Now plug in that pen drive to the laptop.
Go for troubleshoot.
Repair.
Install new original os.
It will ask for backup make a backup to other HDD.
Install and recover your backup.
apologies for vague description but essentially I have a Linux box (Ubuntu) which has three drives. The first drive is formatted with a Linux format (I'm not sure which one but probably irrelevant) and the second and third drives are NTFS as they have been shares on a windows network.
Can I just reformat the first drive to NTFS and install windows? Would I expect windows to see drives 2 and 3 as they are already NTFS drives?
Thanks
Backup/Image your system before doing any changes, if the system is critical.
Yes, begin Windows installation process. There will be a point in the installation where you will be asked to select the drive/partition on which Windows should be installed. Your first drive will be listed. You can wipe it off and choose the entire drive for Windows. Default NTFS will be created for you.
If you have trouble, create gparted live CD and boot system with it. It will allow you to wipe off the first drive. Then install Windows on that drive.
Yes, Windows will see drive 2 and 3.
Also, you will get some nice help on https://serverfault.com/ if there are complications with disk setup (RAID/LVM etc.).
I was curious as DigitalOcean provide us with root password reset option, as I have been working towards virtualization about 3 months and never came across direct way to do so.
Like openstack offers such option only for xen, where as if I am not wrong Digital Ocean provides for KVM. Also proxmox and other stacks do not provide this option.
So I need to know how these guys managed to do so.
One thing I know is that if I can access the file system then I can edit the shadow file but, In virtual environment Machine is in templete form not in Open File system state.
I was wondering if there is any root backdoor in OS itself provided by DO using which they change password on request ?
Thanks
If you turn off your virtal machine, all you have is the whole "virtual hard drive" file on "real hard drive" in a real machine. It's a common file system that can be parsed and managed from outside with no problem (unless it is encrypted).
So there's no reason for you to NOT be able to access the filesystem of the virtual machine, including the shadow file.
This is typically done using cloudinit... No hackery involved
I recently installed a SSH server on my Windows 7 PC and created a separate user account for this. When i logged in using SSH, i could access all the windows directories.
/cygdrive/c
/cygdrive/d
/cygdrive/e
How do i prevent this user from accessing all the win directories other than its home directory under cygwin /home/chuck/ ?
Preferably i do not want the user to even view /cygdrive when the user types "mount".
Is there a easy way to do this?
I want to later allow remote users to log on to this machine and avoid messing up other things.I know i can setup a separate machine but this is a plan for later.
I don't know specifically about Cygwin but in Unix in general you could use the chroot.
try changing the group of the ssh_user_name to Guest, then specifically allow rwx perms for the Guest group through the security tab in Windows. I have not tried this before, which I am going to try soon. This should be easier than denying access to each drive by adding the ssh_user_name, which is highly inefficient if you have many drives like I do.
The reason why i chose guest is because by default it is denied all access, which makes it easier to specifically choose which drive you want the ssh_user_name to have access to.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I'm a blind student currently in a system admin/shell programming class. Although ssh works fine for executing commands like ls, pwd, etc editors do not work well with my screen reader and an ssh session. I was wondering if it is possible to mount a Linux folder over ssh so it appears as a windows drive? This way I could edit any files I needed to with accessible software and not have to constantly use SCP to send files back and fourth.
Back in 2002, Novell developed some software called NetDrive that can map a WebDAV, FTP, SFTP, etc. share to a windows drive letter. It is now abandonware, so it's no longer maintained (and not available on the Novell website), but it's free to use. I found quite a few available to download by searching for "netdrive.exe" I actually downloaded a few and compared their md5sums to make sure that I was getting a common (and hopefully safe) version.
Update 10 Nov 2017
SFTPNetDrive is the current project from the original netdrive project. And they made it free for personal use:
We Made SFTP Net Drive FREE for Personal Use
They have paid options as well on the website.
Dokan looks like a FUSE and sshfs implementation for Windows. If it works as expected and advertised, it would do exactly what you are looking for.
(Link updated and working 2015-10-15)
The best an easiest solution I found is https://github.com/billziss-gh/sshfs-win, connected servers shows up as a fully functioning network drives. This is not a 'Dokany' or 'dokan' based solution which from experiance seems more stable and performant, also see WinFsp Performance Testing.
Please note previously this answer stated, https://github.com/Foreveryone-cz/win-sshfs and before that http://www.swish-sftp.org/ but I no longer use any of them, first one stopped working second one created drives not fully supported in all programs.
Another, more Windows-y option (for $39) is http://www.expandrive.com/sftpdrive
Take a look at CIFS (http://www.samba.org/cifs/). It is a virtual file system you can run on your linux machine that will allow you to mount folders on your linux machine in windows using SMB.
CIFS on linux information can be found here: http://linux-cifs.samba.org/
You need to mount a remote share on your windows machine. This is what Samba/smb is for.
What you'll be doing is turning your Linux box into an SMB server, which lets it share files in a way that plays nice with Windows.
If you're not on the same network, you'll need to tunnel this through your SSH connection which may not be worth the effort.
check out Dokan
https://dokan-dev.github.io/
it's iffy, but it works, and it's free
I don't think you can mount a Linux folder as a network drive under windows having only access to ssh. I can suggest you to use WinSCP that allows you to transfer file through ssh and it's free.
EDIT: well, sorry. Vinko posted before me and now i've learned a new thing :)
Apparently the free NetDrive software from Novell can access SFTP file servers.
Second David's answer below: I needed to mount a network drive automatically when users logged in. Dokan SSHFS is a nice tool, but wasn't reliable enough in this case. The copy of Netdrive I found didn't support SSHFS or sftp - not sure if a more recent one does.
The solution I'm trialling now involves adding a virtual network adapter (with file sharing disabled), using plink to open a tunnel via the new adapter to the remote machine running SAMBA, and mounting the network drive against the new adapter. There's another useful tutorial here http://www.blisstonia.com/eolson/notes/smboverssh.php.
The tunnel and network drive can be set up with a login script, so a few seconds after login users can use the mapped drive without needing to take any action.