Archived

This topic is now archived and is closed to further replies.

Aether

Windows 9x APIs do not Work with Windows NT4/2000

Recommended Posts

Sorry if this seems obvious, but I have a problem regarding a program that I wrote about 5 or 6 months ago that I just pulled out of cold storage for use. However, when I tried it, certain functions ceased to function. It is a security program, and one of its functions is to lock out CRTL-ALT-DEL. I do this through an API call. However, under Windows 2000, I found out that this doesn''t work. Whomever wishes to take the time out of their day to answer this question, please do so. Thanks

Share this post


Link to post
Share on other sites
Aether,

I don''t remember all the techy details of this, but what you are describing is a security feature of the WinNT family. In other words, it was a conscious decision by the WinNT developers to keep one from locking out the Ctrl-Alt-Del keys. The idea being, someone can''t create a "dummy" shell to run on computers to capture login passwords.

With that said, I doubt it is possible to lock out Ctrl-Alt-Del under WinNT/2000.

Regards,

Dean M.

Share this post


Link to post
Share on other sites
I''m pretty certain it isn''t possible to programmatically intercept and prevent ctrl-alt-del from working under WinNT. I recall pretty strongly this was a security feature built into the OS.

I''d not bet my life it can''t be done, but everything I''m reading says it can''t be done. I''d certainly be interested in seeing the code that can intercept it and disable it.

Regards,

Dean M.

Here are a couple of things I dug up on this in MSDN...

Quote 1: "You can prevent the CTRL+ALT+DEL and ALT+TAB key combinations from opening a task list in Windows 95 or Windows 98 by calling the SystemParametersInfo function in the Win32 API. A step-by-step example of this appears below.

NOTE: This is possible only in Windows 95 or Windows 98 "

Quote 2: "Do not cause all events for a hook to be serialized. For example, if an application installs a systemwide keyboard hook, all keyboard messages for all applications will be funneled through that application''s keyboard filter function, effectively wasting the system''s multiple input queue functionality. If that filter function stops processing keyboard events, the system will appear stopped to the user, but it will not really be stopped. The user can always use the CTRL+ALT+DEL key combination to log out and solve the problem, but he or she will probably not be happy with all this hassle. Also, users may not realize that they can reset the system with the logout/logon sequence."

Quote 3: "If this policy is enabled on a computer, a user is not required to press CTRL+ALT+DEL in order to log on. Not having to press CTRL+ALT+DEL leaves the user susceptible to attacks that attempt to intercept the user''s password. Requiring CTRL+ALT+DEL before logon ensures that the user is communicating by means of a trusted path when entering their password."

This particular article discusses how an Admin can change a security option that doesn''t require one to press ctrl+alt+del to get a logon, but when done, it causes a security nightmare.

Quote 4: "It is by design within Windows NT that, if the Secure Attention Sequence (SAS) (CTRL+ALT+DEL) is pressed, any logon scripts currently running are terminated. "

Quote 5: "All users should always press ctrl+alt+del before logging on. Programs designed to collect account passwords can appear as a logon screen that is there waiting for you. By pressing ctrl+alt+del you can foil these programs and get the secure logon screen provided by Windows NT. "

Share this post


Link to post
Share on other sites
Aether you dork... deanmat gives you FIVE (5) quotes from MSDN explaining that you can''t do this. Don''t waste your time listening to Tha_Hoodrat. This "security" program you wrote isn''t necessary (or possible) on NT, it''s already built in.

If you need to control who can and can''t login or close a session, then look at NT security profiles. You''re barking up the wrong tree right now.

Share this post


Link to post
Share on other sites