[Full-disclosure] Need some help with management

My management here wants to put a server on our LAN, not administered by
us (the IT department) and use a share on it to serve files and data to
our workstations. They do not understand why having a server with a
file share that is NOT part of our secure infrastructure represents a
threat to the computers accessing it. Keep in mind this is an all
Windows network. Sooo, if you guys can succinctly explain why having a
trusted computer trust an untrusted computer is a problem, that would be
helpful. Keep in mind we are talking to management here. It's kind of
like trying to explain why, when you are in the United States, it's a
bad idea to drive on the left hand side of the road. It's just so basic
it's not documented anywhere. So, please help me explain why netbios and
file shares on machines not within your network are bad ideas.



Thanks,



Daniel Sichel, CCNP, MCSE,MCSA,MCTS (Windows 2008)

Network Engineer

Ponderosa Telephone (559) 868-6367



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

  • Managing our complete company using Microsoft products
    ... Directory, Mail Server, File Server and Print Server. ... Directory and network, while the other one has 6 peer-to-peer Windows 2000 ... We do not have a system administrator, and we do not have the resources or ... who wrote this are doing all of their project management and enterprise ...
    (microsoft.public.project)
  • Managing our complete company using Microsoft products
    ... Directory, Mail Server, File Server and Print Server. ... Directory and network, while the other one has 6 peer-to-peer Windows 2000 ... We do not have a system administrator, and we do not have the resources or ... who wrote this are doing all of their project management and enterprise ...
    (microsoft.public.office.misc)
  • Re: Windows 2003 Server
    ... For management of user accounts it will be easier to create a domain. ... Password management will be centralized in one database, ressource management also, you can use group policies for the complete domain and install software for example. ... But if you use the server as domain controller you also have to think about backup of the DC, if it will be the only one. ... Network has about 10 PC's on it and it set up as a WORKGROUP. ...
    (microsoft.public.windows.server.general)
  • Re: P2P v Server 2003
    ... >I will be installing a network of around 10 users and would like to ... > know what issues I need to be aware of should I opt for a full server ... > As the requirement is essentially for simple file sharing I would ... management issues you will run into. ...
    (microsoft.public.windows.server.networking)
  • Re: Network Access
    ... > the 'Windows Network', I get the following error message: ... > to use this network resource. ... > this server to find out if you have access permissions. ...
    (microsoft.public.windows.server.networking)