|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
|
|
#1
October 20th, 2004, 11:09 AM
|
|||
|
|||
|
BIOS default password
Hi!
How can we remove the default password for BIOS which is "AWARD Modular v6.00PG"? We don't want any default passwords because if there is one, anyone in our net can use it, enter the setup, and boot the PC from disk drive, and after that, using the WINNT pass change utility, he can change the local administrator's password and do anything on that computer. We cannot monitor the users, because out computer site is open at nights and there isn't any supervisors in the site at midnight! Please help us urgently!
|
|
#2
October 21st, 2004, 08:21 AM
|
||||
|
||||
|
Well, you need to get the documentation for your specific machines; it is unlikely anyone here can give you more than generic advice. Be absolutely sure to record the new password! Of course you need to know that with physical possession even BIOS passwords can be bypassed, sometimes with very little effort (on some mother boards a simple flip of a dip switch). Granted it requires opening up the case, but if the computers are unsupervised and unsecured then there would be nothing keeping someone from doing just that and making all your nightmares come true. All you are doing is raising the bar, but I suspect that anyone with the knowledge to find the default password will also have the knowledge of how to reset the password, so I doubt the bar is raised very high. If you are truly concerned with your machines being hacked you have a much larger problem and should probably rethink your security with the presumption that each machine has been hacked, has keystroke monitors on it and are all actively snooping the network and put appropriate security in place to deal with that.
__________________
Left DevShed May 28, 2005. Reason: Unresponsive administrators. Free code: http://sol-biotech.com/code/. Secure Programming: http://sol-biotech.com/code/SecProgFAQ.html. Performance Programming: http://sol-biotech.com/code/PerformanceProgramming.html. It is not that old programmers are any smarter or code better, it is just that they have made the same stupid mistake so many times that it is second nature to fix it. --Me, I just made it up The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore, all progress depends on the unreasonable man. --George Bernard Shaw
|
|
#3
October 21st, 2004, 02:38 PM
|
||||
|
||||
|
Quote:
Pull pin, wait, replace pin...Default BIOS password reset...  U seem to be going DEEP in your Security worry. Why don't you just provide a 'white box' without a floppy or cd-rom, boot from hdd and then you are gtg. Disable USB if onboard. then, install a security schema. IE, user has NO access and\or rights to change settings. There are Kiosk\terminal setups tutorials and howto's that could be a good guide for this. P.S. Check out DEEP FREEZE software if you are concerned about users changing things on your network
__________________
Curious by Nature, Linux by Choice Last edited by dba_frog : October 21st, 2004 at 02:40 PM.
|
|
| Viewing: Dev Shed Forums > System Administration > Security and Cryptography > BIOS default password |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
