Back to 7/96 Letters
Up to Table of Contents
Ahead to 7/96 News: TrueSpeech Makes Big Noise

7/96 News: Hacking NT Made Simple

By Serdar Yegulalp

While Windows NT is a far more secure offering than Windows 95 or the 16-bit operating systems, it's only as secure as you make it. There have been fears of NT security breaches in the past ( Armed & Ready; August 1995), but now there's a new 16-bit DOS program that can bypass some of NT's safeguards.

The program, named NTFSDOS.EXE, can be used to read drives formatted with NT's proprietary file system, NTFS. By placing NTFSDOS.EXE on a DOS boot floppy and booting an NT machine with it, a user can see password files, security features and administration databases. (Previously, only NT itself could read NTFS-formatted drives.)

Because NTFSDOS.EXE doesn't work through NT, it ignores user-based permissions and allows anyone access to every byte on an NTFS drive. Since NTFS doesn't normally encrypt data, unencrypted text and data files are directly readable-even with something as simple as the DOS TYPE command. In other words, anyone can do it.

The program's authors derived NTFSDOS.EXE from a similar program originally written for Linux, the redistributable version of UNIX. Both programs were intended as utilities to help legitimate users access NTFS drives-not as a hacker's tool.

The utility has already been posted on the Internet; it's accessible via anonymous ftp at ftp://ftp.ora.com/pub/examples/windows/win95.update/ntfsdos.zip. One easy way to add another level of security to NTFS is to turn on file compression, although someone may soon write a utility to decompress NTFS files. A better way is to use an encrypting disk controller.

Still, any secure installation "relies on the fact that the hardware itself is secure," said Enzo Schiano, product manager for Windows NT Server. In other words, keep the server closet locked.

Back to 7/96 Letters
Up to Table of Contents
Ahead to 7/96 News: TrueSpeech Makes Big Noise