More on partitions and security

More on partitions and security
George Perkins

Reader George Perkins responds to our tip by Adesh Rampat about using FAT on a server because of the ease with which you can repair it.

The boot partition contains %winnt% system directory.
The system partition contains the boot.ini file, the NT loader, and of course, the boot record on track 0 of the C: drive.

In a typical installation, the boot and system partitions are the same. However, on a multi-boot machine (as may be configured in a test lab), the boot partition may not be the same as the system partition. In that instance, a FAT system AND boot partition could prove useful if you are debugging boot.ini problems, flaky hard drives, broken mirror sets, or the like. A quick boot from a DOS diskette can have you up and running quickly in some situations where you have messed up the system partition or overlaid directories in your boot partition.

However, I would never use FAT on a production server, and disagree with those who say you should. Security is just too important. Any administrator who sacrifices good security practices for convenience has no business maintaining Windows servers for an enterprise, in my humble opinion.

A better all-around useful hip-pocket emergency tool is ERD Commander (

    Requires Free Membership to View

    Login

http://www.winternals.com/), which can boot from a 3.5" diskette and provide DOS-like access to NTFS volumes. If you're running Windows 2000, Microsoft delivers (for no additional cost!) a nice emergency boot tool (although quite limited). Just boot to the Recovery Console (bootable from the installation CD, or you can pre-install it on the hard drive, giving you a dual-boot configuration. For the reasons stated previously related to security, I'd recommend just booting from the CD.

I know this is less of a tip and more of a clarification, but I hope you will find it useful.

Did you like this tip? If so, (or if not) why not let us know. Send an email to us and sound off.

Related Book

Secure Networking With Windows 2000 and Trust Services
Author : Jalal Feghhi
Publisher : Addison Wesley
Published : Feb 2001
Summary :
Secure Networking with Windows 2000 and Trust Services is an authoritative resource that addresses the security issues involved in using the Internet as a platform for conducting commerce. It explains public-key technology and describes techniques for ensuring secure transactions with business partners and consumers.


This was first published in May 2001

Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.

    Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

    Back to top