How To Secure Your Windows 95/98 box against Local Intrusion. Copyright 2000 Lumikant Released by HackTech (www.hacktech.org) This txt is here to teach you to keep people from accessing your personal files etc on your windows 95/98 pc. After reading this you should have a good idea of how to keep anyone from a brother or sister, or if you are a admin, an annoying employee/student out of things they shouldn't see. The way I am writing this, I am assuming you have good knowledge of your computer system, how it works, how to use it etc.. If you need any clarification, just mail me and I will be glad to help you out. The first step in securing your box is to secure CMOS. This is the key to your computer. It controls everything. With most pc's you press the [del] key or F8 to enter CMOS. The first thing to do is set passwords. Make sure you set the setup and users passwords. The next thing to do is set it to boot of from the HDD first, then CD then floppy drive. This will make it so things like my root kit wont work on your computer. If you need to use a boot disk, you can just change it in CMOS. Just make sure you change it back when you are done. The next thing to do is set up a multiple user system. Make your own acct, making sure to keep in mind the rules for making a strong password. Then get a policy editor. If you can't disable the the other accts with a policy editor, then disable them all by disallowing usage of important files. Now you have to edit your config.sys and add the line BOOTKEYS=0 this will disallow the usage of the [shift]-F5 combo or F8 to gain access to the file system. The next part of the securing is difficult. You need to put a small dot of solder onto your CMOS battery to hold it. It wont hold it in place to such an extent that you cant change it, but it makes it annoying to take out. Also, if anyone removes it to reset your CMOS you can tell your system has been compromised. The next step is not available on all computers. Dependant on the type of case you have there may be a place to lock your box. Do this... it prevents access to the inside of your computer, because if someone wanted to, they could open your case, take your hdd and access your files, or they could put in a hdd of theirs and access yours through it. Now you want to keep your passwords safe. With windows ALL of your passwords are saved to .pwl files in the windows directory. make these files archived, hidden, system and read only. This can make it difficult to copy/change them. Then set a password on your Screen Saver. The next step is the most important.. GET PGP!!! get it get it get it. If you dont have PGP you're unsafe. Crypt ANY files of ANY importance at all. Make sure your PGP pass phrase is at least 30 characters long. Thats about it, im sure there are a few small details that i forgot, but this will get you well upon your way to securing it. This covers all the major points. I hope this helped. If you need more info then mail me and I'll help you out. btw, GET PGP.