More on partitions and security

More on partitions and security
George Perkins

Reader George Perkins responds to our tip by Adesh Rampat about using FAT on a server because of the ease with which you can repair it.


The boot partition contains %winnt% system directory.
The system partition contains the boot.ini file, the NT loader, and of course, the boot record on track 0 of the C: drive.

In a typical installation, the boot and system partitions are the same. However, on a multi-boot machine (as may be configured in a test lab), the boot partition may not be the same as the system partition. In that instance, a FAT system AND boot partition could prove useful if you are debugging boot.ini problems, flaky hard drives, broken mirror sets, or the like. A quick boot from a DOS diskette can have you up and running quickly in some situations where you have messed up the system partition or overlaid directories in your boot partition.

However, I would never use FAT on a production server, and disagree with those who say you should. Security is just too important. Any administrator who sacrifices good security practices for convenience has no business maintaining Windows servers for an enterprise, in my humble opinion.

A better all-around useful hip-pocket emergency tool is ERD Commander (http://www.winternals.com/), which can boot from a 3.5" diskette and provide DOS-like access to NTFS volumes. If you're running Windows 2000, Microsoft delivers (for no additional cost!) a nice emergency boot tool (although quite limited). Just boot to the Recovery Console (bootable from the installation CD, or you can pre-install it on the hard drive, giving you a dual-boot configuration. For the reasons stated previously related to security, I'd recommend just booting from the CD.

I know this is less of a tip and more of a clarification, but I hope you will find it useful.


Did you like this tip? If so, (or if not) why not let us know. Send an email to us and sound off.

Related Book

Secure Networking With Windows 2000 and Trust Services
Author : Jalal Feghhi
Publisher : Addison Wesley
Published : Feb 2001
Summary :
Secure Networking with Windows 2000 and Trust Services is an authoritative resource that addresses the security issues involved in using the Internet as a platform for conducting commerce. It explains public-key technology and describes techniques for ensuring secure transactions with business partners and consumers.


This was first published in May 2001

Dig deeper on Windows Server and Network Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close