Page 1 of 3 123 LastLast
Results 1 to 15 of 37
  1. #1
    Star Lounger
    Join Date
    Jan 2002
    Location
    Hunt Valley, Maryland, USA
    Posts
    84
    Thanks
    21
    Thanked 0 Times in 0 Posts

    Question Inside-family hacking job -- how to block

    Any suggestions as to how to block a rogue user, who doesn't have administrator rights and who is supposedly restricted by Parental Controls to time limits and selected applications/web sites, from hacking into what apparently is administrator rights? :-(
    A youthful member of the family apparently has learned how to gain access to administrator rights on the Win XP OS in our desktop PC. S/he is able to go around the settings in Windows XP Parental Controls. She is also able to change file/folder ownerships, apparently. He has also deleted the Norton Internet Security application -- or at least disabled it.
    Recently, when I came into the room unexpectedly, I looked at the screen as she was leaving the room, and the OS was just starting-up in the screen at which the user can select start-up in Normal, or Safe Mode, or a few other choices. I selected Safe Mode and hit Enter. Then began a scrolling of what I recall was a list of programs, or perhaps they were folders. Of course, I wound up in Safe Mode.
    We want to let the user to continue to use the PC, only within the limits we set with Win XP Parental Controls.

    1. Has this ever happened to you -- on any version of Windows?
    2. Any ideas how the perp is doing this?
    3. Any ideas how to block this ability, other than locking up either the PC or the perp?

    Thanks.

  2. Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    East Coast, USA
    Posts
    993
    Thanks
    8
    Thanked 43 Times in 43 Posts
    Possibly, the user knows the password of the hidden "Administrator" account.

  4. #3
    5 Star Lounger
    Join Date
    Jan 2010
    Location
    Los Angeles, CA
    Posts
    793
    Thanks
    3
    Thanked 27 Times in 25 Posts
    Quote Originally Posted by JohnSimkins View Post
    I selected Safe Mode and hit Enter. Then began a scrolling of what I recall was a list of programs, or perhaps they were folders. Of course, I wound up in Safe Mode.
    This sounds like the SOS option was added to that boot selection. This option displays all of the drivers and services as they get loaded and started.

    Has this ever happened to you -- on any version of Windows?
    My kids always had unlimited admin access. So far they haven't hosed their computers with a virus; though my wife did once.

    Any ideas how the perp is doing this?
    Google is a wonderful thing, you can find all kinds of way to crack into systems, especially ones that are not locked down sufficiently. Any even if you lock the system down tighter than a drum, all the perp needs is a USB drive or CD with an OS on it (such as a Linux live CD) and boot from that. At that point she can change/modify/remove any file on the hard drive.

    Any ideas how to block this ability, other than locking up either the PC or the perp?
    What is it that you are trying to limit? Access to certain files? Access to certain web sites? Access to certain programs? If you can pinpoint exactly what you want protected, there are usually ways. Files and apps are easier to protect, limiting web access is more difficult - there are tools to help with this, but there are probably cracks for each tool.

  5. #4
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,625
    Thanks
    161
    Thanked 930 Times in 851 Posts
    I would definitely change the password of the Administrator account, and DO NOT share this password. Choose a password that only the adults in the home know and one that is strong and not obvious. A Google search gives various ideas on parental controls. Read through several of the sites to get ideas.

    Stronger parental punishment might be a deterrent as well.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  6. #5
    Gold Lounger Roderunner's Avatar
    Join Date
    Dec 2009
    Location
    Scotland.
    Posts
    3,426
    Thanks
    16
    Thanked 212 Times in 180 Posts
    Hi John, during set up, did you set a password for the 'Administrator's' account ?
    George's PC Specs. / Laptop. Desktop.

  7. #6
    2 Star Lounger
    Join Date
    Mar 2010
    Location
    Tampa, FL, USA
    Posts
    114
    Thanks
    11
    Thanked 7 Times in 7 Posts
    Keep the computer in a very public part of the house.
    PJ in FL

  8. #7
    Star Lounger
    Join Date
    Jan 2002
    Location
    Hunt Valley, Maryland, USA
    Posts
    84
    Thanks
    21
    Thanked 0 Times in 0 Posts
    tfspry:
    Well, the user might have known my wife's account password -- I made both her and myself administrators on this PC. I'm not sure, but that leak perhaps lasted long enough for the initial mischief to take place.
    The two administrators' accounts have quite secret passwords now, since the first violation occurred -- which was over six months ago.
    /// New question: is there a third account, a hidden administrator account, in Win XP? Or, are you referring to one of the two I mentioned? ///

  9. #8
    Star Lounger
    Join Date
    Jan 2002
    Location
    Hunt Valley, Maryland, USA
    Posts
    84
    Thanks
    21
    Thanked 0 Times in 0 Posts
    Yes... both administrator accounts are on [separate] passwords.

  10. #9
    Gold Lounger Roderunner's Avatar
    Join Date
    Dec 2009
    Location
    Scotland.
    Posts
    3,426
    Thanks
    16
    Thanked 212 Times in 180 Posts
    Hi John,
    /// New question: is there a third account, a hidden administrator account, in Win XP? Or, are you referring to one of the two I mentioned? ///
    The real Administrator account is not accessible during normal use, only yours & wifes which are part of the Admin Group.
    The only way I know to see the Real Admin account is to boot in safe mode, by tapping F8 during start up.
    George's PC Specs. / Laptop. Desktop.

  11. The Following User Says Thank You to Roderunner For This Useful Post:

    JohnS0603 (2011-05-28)

  12. #10
    Gold Lounger Roderunner's Avatar
    Join Date
    Dec 2009
    Location
    Scotland.
    Posts
    3,426
    Thanks
    16
    Thanked 212 Times in 180 Posts
    Update.
    -
    Installation is going to automatically assign a computer name in the Computer Name and Administrator Password screen. Once you see the name it chooses you'll be grateful it can be easily changed. The important part of this screen is the administrator password. All the begging and pleading in the world can't make you choose something that's hard to guess, but just remember that this one single choice you're making right now is the key into everything you hold near and dear (and private) in the world of computing. It's also essential you remember the password, even if you aren't a case sensitive type of guy/gal.

    Attachment 28173
    George's PC Specs. / Laptop. Desktop.

  13. The Following User Says Thank You to Roderunner For This Useful Post:

    JohnS0603 (2011-05-28)

  14. #11
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    East Coast, USA
    Posts
    993
    Thanks
    8
    Thanked 43 Times in 43 Posts
    Hi John - To get to a listing of Users and Groups....
    You can Right Click My Computer, > Manage > Local Users and Groups
    You will see Descriptions for some Users and Descriptions for all Groups.
    You can Right Click any of the Users or Groups for further info.

  15. #12
    2 Star Lounger
    Join Date
    Apr 2002
    Location
    East Tennessee
    Posts
    179
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Sounds to me that a bit of corporal punishment applied to the buttocks is in order. Regardless of the age of the perpetrator. Might be even more effective on older culprits.

  16. #13
    New Lounger
    Join Date
    Dec 2009
    Location
    St Louis, Missouri, USA
    Posts
    4
    Thanks
    4
    Thanked 0 Times in 0 Posts
    I don't know about a paddling, but if I found out my kid had intentionally disregarded the limits I had placed on his/her computer use, he/she would find his/her computer privileges revoked until such time as said child agreed to abide by the rules of the household. Once that issue was settled, I would encourage and support my child's obvious computer-related talents.

  17. #14
    New Lounger
    Join Date
    Dec 2009
    Location
    Bucharest, Romania
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts

    General WinXP security guidelines

    1. When installing WinXP keep the computer OFF-LINE (not connected to any network);
    2. As Roderunner said: provide a strong password to the "Administrator" account when prompted during the install;
    3. Keep in mind that every other account created during install (i.e. yours and wifes) is in the "Administrators" group. Provide those accounts with strong passwords immediately after the first login;
    4. Lock down your fresh WinXP install (after you've installed your preferred bunch of applications) using a method that is suitablefor you (stop unnecessary services and/or disable them, configure your security suite according to your needs etc.);
    5. Connect your machine to the net and update everything you can;
    6. Create the limited user account(s) and configure them and the parental control method(s) of your choice;
    7. Disable booting from USB, CD/DVD, SD-Card, Network (BIOS settings) and password protect the access to BIOS (read the "User manual" of your motherboard/computer).
    8. It would'n hurt to use a home router running DD-WRT (an open-source router and firewall that runs on home-use routers as Linksys, D-Link and others).

    Those are standard practices that I've come to recommend to everyone, but keep in mind that physical access to a computer means that, given enough time and knowledge, any security measure can be circumvented.

    My final thoughts on that post: educate better, restrain less. Imprint in your kids and/or pupils, friends, coworkers the commandments like "Knowledge is power", "With (great) power comes (great) responsability", "Do to others what you want to be done to you" and such. And _always_ encourage exploration and the responsible search for knowledge. An overprotected child can become a victim or a criminal, and neither of those are our ideals

  18. #15
    New Lounger
    Join Date
    Jun 2011
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    When my son had an online gambling problem we used the 'full transparancy' model. We installed the free version of ManicTime. This is a PC usage logging program that keeps a record of every file opened and every website visited. The beauty is it also gives the time on and time off every activity. If he tries to delete any activity it shows up as a 'hole' in the usage log and we know he has someting to hide - knowing that we can check at any time is a fantastic deterrent to him. In your case you can apply sanctions such as "every hole will reduce your usage by one week" - and stick to it.

    Mind you how you can stop smartphone activity is another problem.

Page 1 of 3 123 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •