Re: Workstation security question

From: Tod Beardsley (todb@planb-security.net)
Date: 06/05/02


Date: Wed, 5 Jun 2002 08:38:24 -0700
From: Tod Beardsley <todb@planb-security.net>
To: jradtke@admin1.umaryland.edu, focus-ms@securityfocus.com

jradtke@admin1.umaryland.edu (Tuesday, June 04, 2002, 6:00 AM) wrote:

> Should we be concerned enough about someone hacking into the workstations
> and then tapping into our servers to put software based firewalls at each
> workstation.

Heya Jason. In addition to the network worm threat, here's a couple
more things to consider:

Traditionally, it's not that hard for a locally-logged on user with
direct physical access to the hardware to increase his local
credentials to that of local administrator -- especially if nobody's
watching him closely as he's sitting at the terminal.

Once he's at a 0wned machine, the attacker is free to target other
machines at will.

Also, I would expect that a university setting would engender a more
aggressive local attacker than you would typically encounter in an
otherwise similar corporate environment, which would further justify
stronger host-based defenses.

-- 
Tod Beardsley (GCIA, MCSE)
"It's okay to yell fire in a crowded theater if
the theater is actually on fire."



Relevant Pages

  • Re: Software Firewall (2003)
    ... I use the free version of ZoneAlarm on all of my machines; servers, workstations, laptops, etc. ... Windows 2003 have the firewalls turned off, citing the usage of a PIX ... internal attack froma laptop running XP non SP2. ...
    (microsoft.public.windows.server.general)
  • RE: Optimize SMB on server to accomodate slow WAN link
    ... The lack of bursting is really a function of the carrier, ... especially if you have servers in the ... Advertising of shares/printers by workstations and servers ... the central office that they do not need to be connecting to. ...
    (microsoft.public.win2000.networking)
  • Re: Very Slow(60mins) XP logon
    ... The DNS on the servers is set to internal only, workstations get their dns through dhcp which also sets them up for internal dns. ... The slow logon happens with any AD account. ...
    (microsoft.public.win2000.networking)
  • Re: HP, Intel becoming laughing stock of computer industry
    ... > workstations and dozens of HP-UX servers. ... As well as a Linux port there is also a Windows ...
    (comp.os.vms)
  • Re: HP, Intel becoming laughing stock of computer industry
    ... > workstations and dozens of HP-UX servers. ... As well as a Linux port there is also a Windows ...
    (comp.os.vms)