From the conception of the first computer virus, floppy
disks have posed a very real security risk for computer users and IT managers
alike. Although e-mail and Web browsing are often the distribution method of
choice for today’s viruses, floppy disks still pose a risk. In addition, the
presence of removable devices such as floppy drives and writable
CD/DVD drives increases the risk of data theft or misuse.

One Windows 2000 Resource Kit utility that can help you
better secure your systems is Floplock.exe. (This tool runs as a Windows
service.) When installed and running on a Windows 2000 Professional computer,
Floplock.exe uses a discretionary access control list (DACL) to prevent access
to the floppy disk. Only members of the Administrators and Power Users groups
can use access the floppy disk. You can restore general access to the floppy
disk by stopping the Floplock.exe service.

When you install the Resource Kit, it installs the
Floplock.exe file to a system but it does not add it as a service. You can use
the Instsrv.exe command-line tool or the Service Installation Wizard (both of
which are included with the Resource Kit) to install Floplock.exe as a service
(as well as remove it).

For details on installing Floplock.exe as a service, see the
Floplock.exe Help page in the Windows 2000 Resource Kit documentation.

Miss a column?

Check out the Windows 2000 Professional archive, and catch up on the most recent editions of Jim Boyce’s column.

Want more Win2K tips and tricks? Automatically sign up for our free Windows 2000 Professional newsletter, delivered each Tuesday!