Well, it’s all true. NTFSDOS can read NTFS partitions when you boot the system from DOS. And NTFSDOS makes them appear exactly as if they were FAT drives, no matter how many files are on them. However, the situation is not as bad as you think. There are holes in the holes that Mark Russinovich and Bryce Cogswell have tried to fill, or drive through, or whatever their intentions are.
For NTFSDOS to work, you must physically access the system because the network redirectors in Windows for Workgroups and Win95 already let you access network shares of NTFS volumes. If you can boot from a floppy (on Intel systems only) or install the utility on the hard drive of a Windows-driven system, you can execute NTFSDOS. It stays in memory until shutdown, granting you read-only access to NTFS-formatted disks or partitions on the local system.
You can protect yourself by exploiting what NTFSDOS doesn’t do: Version 1.1 doesn’t read a partition larger than 2 GB because DOS can’t read past that boundary (a new NTFSDOS version will read >2GB). NTFSDOS doesn’t read striped disks, so anything with RAID is inaccessible. And NTFSDOS doesn’t write to an NTFS partition, but a planned version will. So, if you have extra money for some larger hard drives, build up your system so that DOS can’t run on it. Or if you are dual-booting, make your NT stuff big enough to act as a firewall.
Other concerns (geez, I hope I’m not giving anyone ideas) are remote server management utilities and hardware: Watch out with server add-in boards that let you remotely manage a server, down to the hardware level, even if you’re booting from a floppy thousands of miles away from the server. This capability can be dangerous if, say, disgruntled employees get your server’s phone number and have the system management utility. They can boot from a floppy locally and read all your NTFS files. If you use hardware (power on) passwords, this scenario isn’t a problem.
You can protect yourself by emulating secure data warehouses: Implement physical security on server systems by limiting access to the boxes and disable floppy drives, turn on hardware passwords on workstations, disable automatic logons and shutdown features, and so forth. You can’t hold NT responsible for NTFS security if NT isn’t running as Microsoft says.
What can you legitimately use NTFSDOS for? Perhaps you can back up an NTFS volume from Windows 3.x. But if you have an NTFS volume, you are running NT, so why not use an NT-native backup utility? Or you can try to read an NTFS volume on a crashed NT system to see whether your files are still there. Just be aware that if you are using NTFSDOS legitimately and not hacking someone else’s box, you must be careful. NTFSDOS can corrupt the data you pull from an NTFS volume, and the makers obviously offer no guarantees about maintaining data integrity.
Critical Challenges of ESI & Email Retention Are you storing too much electronic information? Get expert legal advice and better understanding of what you are required to do as an IT professional.
Rev Up Your IT Know-How with Our Recharged Magazine! The improved Windows IT Pro provides trusted IT content with an enhanced new look and functionality! Get comprehensive coverage of industry topics, expert advice, and real-world solutions—PLUS access to over 10,000 articles online. Order today!
Get It All with Windows IT Pro VIP Stock your IT toolbox with every solution ever printed in Windows IT Pro and SQL Server Magazine plus bonus Web-exclusive content on hot topics. Subscribe to receive the VIP CD and a subscription to your choice of Windows IT Pro or SQL Server Magazine!
Order Your Fundamentals CD Today! Gain an introduction to Exchange, learn server security requirements, and understand how unified communications can play a role in your messaging strategies with this free Exchange CD.
Windows IT Pro
Register
