uh, oh (was:Re: w2k server compromised)
From: Dan Uscatu (duscatu@lunatech.ro)
Date: 01/29/03
- Previous message: Jackson, Ben (DPH): "RE: Win2k log management"
- Next in thread: Thomas Cameron: "RE: uh, oh (was:Re: w2k server compromised)"
- Maybe reply: Thomas Cameron: "RE: uh, oh (was:Re: w2k server compromised)"
- Reply: Bronek Kozicki: "Re: uh, oh (was:Re: w2k server compromised)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Dan Uscatu" <duscatu@lunatech.ro> To: <focus-ms@securityfocus.com> Date: Wed, 29 Jan 2003 18:03:37 +0200
ok here are the conclusions:
in order to create a second DC, one *must* set the DNS on this second
computer to point to the first DC. dont ask why... my guess it has
somehting to do with netbios names
i have a DNS on linux on the network, it is resolving all computers
including the first DC and the second one... but DCPROMO wont allow me
to add the second DC for some obscure reason unless i set the DNS to
point to the DC.
anyway problem is solved, the server was reinstalled and all uid's are
fine.
but, what the hell:
i am using my laptop outside the domain, logged in as local
administrator.
now i can access the c$ and d$ shares (and all others) on the DC without
a password !!! can anyone guess why this thing is happening and what can
i do to stop it ?
p.s. the DC is not in internet so dont bother trying to get it :)
- Next message: Wilson, Kevin W. (WIL) : "RE: Bypass Traverse Checking?"
- Previous message: Jackson, Ben (DPH): "RE: Win2k log management"
- Next in thread: Thomas Cameron: "RE: uh, oh (was:Re: w2k server compromised)"
- Maybe reply: Thomas Cameron: "RE: uh, oh (was:Re: w2k server compromised)"
- Reply: Bronek Kozicki: "Re: uh, oh (was:Re: w2k server compromised)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
