NTFSDOS is a
file system driver for DOS, Windows 3.x, and Windows 95 that makes NT File
System (NTFS) files visible, as if they were standard File Allocation Table
(FAT) drives. We wrote this 16-bit real-mode DOS program to access files we
store on NTFS drives from Win95 on our dual-boot Win95/NT systems. If run
under DOS 7.0 or Win95, NTFSDOS supports NTFS long file names, and it has
decompression routines that understand NTFS compressed files and directories.
Because we wanted to run NTFSDOS only on single-user NT workstations that
have dual-boot systems, it ignores NTFS security attributes. Once NTFSDOS mounts
an NTFS drive, the entire drive is visible, including files and directories of
all users. In addition, loading NTFSDOS onto a floppy disk lets us boot on
systems that have a floppy boot capability. The ability to boot off a floppy
lets NTFSDOS access files on systems that have NT as their sole operating system
and NTFS as their only file system type.
Several magazines have recently published stories on NTFSDOS. They imply
that the ability to boot NTFSDOS from a floppy exploits or creates an NT
security hole, and concerned NT administrators have apparently contacted
Microsoft. In response, Microsoft published a white paper to address NTFSDOS, "Windows
NT File System: Built for Data Security" (1996). Microsoft correctly
asserts that NT's C2 security certification requires a physically secure NT
system. This requirement means isolating the system from unauthorized physical
access. Of course, if unauthorized users are not allowed near a machine, they
cannot force it to boot NTFSDOS from a floppy disk.
Although we disagree with the view that NT has a security hole for NTFSDOS
to exploit, NT users and administrators must know that NTFSDOS can breach poorly
implemented security. NTFSDOS raises the requirement of physical security to a
new level. Consider a company that in the past thought its NT machines secure
from unauthorized access because security measures were in place at the building
entrance. Thus, although employees were able to physically access the company's
server and a colleague's workstation, stealing a computer or destroying a disk
drive was highly unlikely. If users tried to access data to which they were not
privy, NTFS software-based security prevented them from doing so.
The availability of NTFSDOS means that the company must lock its server
away and disable the ability of its workstations to boot off a floppy disk.
Because many old computers do not have a floppy-boot disabling feature,
companies must now consider upgrading to machines that do. Physical security for
NT systems used to mean preventing theft or destruction. NTFSDOS means you also
have to disable the ability to boot from a floppy disk.
End of Article
)
Register
NTFSDOS is one of the Greatest tools that has been abailable to PC Technicians like me and others. I have stood away from partitioning my computers's hard drive in NTFS as far as possible BECAUSE when a severe system failure occured, I was UNABLE to access my hard drive fron an MS-DOS boot CD or Floppy and it was a real pain in the a** to access my inportant datas which In needed immediately after the severe failure, so therefore I ONLY use FAT32 on all of my computers, I have a 250 GB Hard drive and I have Windows XP Pro installed using FAT32 as my preffered partition table. I have a very intensive knowledge on MS-DOS, its tools and command line parameters and therefore I would like to retain FULL MS_DOS compatibility for all of my files and OS. I dont really care that much of the extra features that NTFS brings to Windows XP, such as compression support, and passworded directories. There are many ways to secure your PC using FAT32, one way is disabling booting from Floppy and from CD, passwording protecting your BIOS (to reinforce that rule), and finally putting an administrator password to Windows XP and ensuring that all of your windows user accounts uses passwords, I dont see how one can unauthorisely access my datas by following the security rule I just finished explaining. NOW, After reading the NTFSDOS availability, I am thinking of migrating to NTFS by the very first time in my life because with NTFSDOS I will have to assurance that my important datas will be available within my hands IMMEDIATELY after a severy system failute/crash. Now thanks to NTFSDOS I can keep NTFS on my customer's hard drive each time that I do a computer fix job.
NTFSDOS completes what MICROSOFT forgot to complete -- IF something causes me inconvenience to provide me "more security" I will probably not use it UNTIL a tool is available to reduce the inconveniences"...
Anonymous User January 26, 2005 (Article Rating: