Re: Workstation security question
From: Tod Beardsley (todb@planb-security.net)Date: 06/05/02
- Previous message: REAVA, JEFFREY [IT/0200]: "RE: Workstation security question"
- In reply to: jradtke@admin1.umaryland.edu: "Workstation security question"
- Next in thread: securemax@hushmail.com: "Re: Workstation security question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 5 Jun 2002 08:38:24 -0700 From: Tod Beardsley <todb@planb-security.net> To: jradtke@admin1.umaryland.edu, focus-ms@securityfocus.com
jradtke@admin1.umaryland.edu (Tuesday, June 04, 2002, 6:00 AM) wrote:
> Should we be concerned enough about someone hacking into the workstations
> and then tapping into our servers to put software based firewalls at each
> workstation.
Heya Jason. In addition to the network worm threat, here's a couple
more things to consider:
Traditionally, it's not that hard for a locally-logged on user with
direct physical access to the hardware to increase his local
credentials to that of local administrator -- especially if nobody's
watching him closely as he's sitting at the terminal.
Once he's at a 0wned machine, the attacker is free to target other
machines at will.
Also, I would expect that a university setting would engender a more
aggressive local attacker than you would typically encounter in an
otherwise similar corporate environment, which would further justify
stronger host-based defenses.
-- Tod Beardsley (GCIA, MCSE) "It's okay to yell fire in a crowded theater if the theater is actually on fire."
- Previous message: REAVA, JEFFREY [IT/0200]: "RE: Workstation security question"
- In reply to: jradtke@admin1.umaryland.edu: "Workstation security question"
- Next in thread: securemax@hushmail.com: "Re: Workstation security question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
