Re: uh, oh (was:Re: w2k server compromised)
From: Bronek Kozicki (brok@rubikon.pl)
Date: 01/30/03
- Previous message: Thomas Cameron: "RE: uh, oh (was:Re: w2k server compromised)"
- In reply to: Dan Uscatu: "uh, oh (was:Re: w2k server compromised)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Bronek Kozicki" <brok@rubikon.pl> To: "Dan Uscatu" <duscatu@lunatech.ro>, <focus-ms@securityfocus.com> Date: Thu, 30 Jan 2003 16:35:42 +0100
Dan Uscatu <duscatu@lunatech.ro> wrote:
> i am using my laptop outside the domain, logged in as local
> administrator. now i can access the c$ and d$ shares (and all others)
1. you have the same password as your local administrator and as domain
admin ; AND at the same time
2. DC (and other computers in domain) is accepting NTLM (without
Kerberos, ie. without "v2") authentication
If you run AD in native mode, in most cases you can stop using NTLM auth
and use NTLMv2 only. There is setting in GPO for that
regards
B.
- Next message: Web Master: "Unknown Windows 2000 files?"
- Previous message: Thomas Cameron: "RE: uh, oh (was:Re: w2k server compromised)"
- In reply to: Dan Uscatu: "uh, oh (was:Re: w2k server compromised)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
