I rather tend to agree with Saab....

XP isn't THAT insecure! Is your Windows drive set up as FAT32 rather than NTFS perhaps (FAT32 has no security)? Do all accounts with root privileges have secure PWs (at least 7 characters, alphanumeric, mixed case, no dictionary words)?

If your PFY has really rooted your box from a properly restricted account on a secured box then he's quite smart, because it isn't that easy.

Note that the Admin account doesn't have a default password in XP Home (this isn't that much of a net security risk, because external logons are not permitted to Admin if there is no PW). Have you set one? Have you changed the name of the Admin account (always a good idea)?

I suspect that your PFY merely booted up in Safe Mode and logged in to the unpassworded Admin/root account. This is too simple to qualify as a hack BTW! Once there he could easily create a new account with a admin/root privileges.

See http://www.windowsecurity.com/articl...ed-Groups.html for some tips on increasing security.

Having said that, once someone has physical access to a machine and a bit of time to spare they'll always get in eventually, whether it is WinXP, Linux, UNIX or whatever.

BIOS PWs are dead easy, just short the jumper or pull the battery for a few minutes and it's all reset.

And if he's an enterprising feller he'll just pull the HDD, stick it in an XP machine to which he has Admin/root access, copy over some hacks and tinker away with the registry to make the OS autostart them before putting it back. Easy peasy!

PS: There ARE low level ways to make it harder (like using a different boot manager) or fiddling with the MBR and boot.ini but this is more security by obscurity than anything else. They won't do anything but slow down a real hacker with access to your box.

PPS: We're not talking about access to encrypted files on the NTFS EFS here, just access to the OS.

NB: If "youth X" did this in spite of a "final warning" then that's a declaration of war and I'd act accordingly!!