More on partitions and security
Reader George Perkins responds to our tip by Adesh Rampat about using FAT on a server because of the ease with which you can repair it.
The boot partition contains %winnt% system directory.
The system partition contains the boot.ini file, the NT loader, and of course, the boot record on track 0 of the C: drive.
In a typical installation, the boot and system partitions are the same. However, on a multi-boot machine (as may be configured in a test lab), the boot partition may not be the same as the system partition. In that instance, a FAT system AND boot partition could prove useful if you are debugging boot.ini problems, flaky hard drives, broken mirror sets, or the like. A quick boot from a DOS diskette can have you up and running quickly in some situations where you have messed up the system partition or overlaid directories in your boot partition.
However, I would never use FAT on a production server, and disagree with those who say you should. Security is just too important. Any administrator who sacrifices good security practices for convenience has no business maintaining Windows servers for an enterprise, in my humble opinion.
A better all-around useful hip-pocket emergency tool is ERD Commander (http://www.winternals.com/), which can boot from a 3.5" diskette and provide DOS-like access to NTFS volumes. If you're running Windows 2000, Microsoft delivers (for no additional cost!) a nice emergency boot tool (although quite limited). Just boot to the Recovery Console (bootable from the installation CD, or you can pre-install it on the hard drive, giving you a dual-boot configuration. For the reasons stated previously related to security, I'd recommend just booting from the CD.
I know this is less of a tip and more of a clarification, but I hope you will find it useful.
Did you like this tip? If so, (or if not) why not let us know. Send an email to us and sound off.
Secure Networking With Windows 2000 and Trust Services
Author : Jalal Feghhi
Publisher : Addison Wesley
Published : Feb 2001
Secure Networking with Windows 2000 and Trust Services is an authoritative resource that addresses the security issues involved in using the Internet as a platform for conducting commerce. It explains public-key technology and describes techniques for ensuring secure transactions with business partners and consumers.