Re: focus-ms@securityfocus.com

From: Flávio Pereira (fpereirabr_at_yahoo.com.br)
Date: 09/01/03

  • Next message: Brian W. Spolarich: "RE: Security Configuration guides provided by the Navy." 
    Date: Mon, 1 Sep 2003 17:23:13 -0300 (ART)
To: "fala83@libero.it" <fala83@libero.it>, focus-ms <focus-ms@securityfocus.com>, todd <todd@toddschubert.com>

      I think that you can create users/Groups with
    different privilege level.
      Then, try to insert this users in differents
    Security policy.
      I agree that Users and password cannot be locally
    cached but when have LapTop users, It's necessary.

    --- "fala83@libero.it" <fala83@libero.it> escreveu: >
    In my opinion a system wouldn'n cache password
    > locally.
    > E.g. Sysadmin logs in into a workstation and
    > password will be stored locally. An
    > attacker could retrieve his password and login into
    > the whole network whit
    > administrative privileges. It is not completely
    > safe.
    > I'd rather prefer use Kerberos, using his tickets to
    > access network resource
    > without caching password.
    > Anyway if the password must be stored locally, it
    > must be!
    >
    >
    > >Todd Shubert wrote:
    > >
    > > What exactly is the "right security policy"?
    > Wouldn't not storing the
    > > password provide problems for users, specifically
    > laptop users, that
    > > require the use of cached credentials?
    >
    >
    >
    ---------------------------------------------------------------------------
    > KaVaDo provides the first and only integrated Web
    > application scanner and
    > firewall security suite that prevent Web
    > applications attacks, the most
    > common form of online exploitation. Download a FREE
    > whitepaper on Security Policy Automation for Web
    > Applications.
    >
    http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
    >
    ---------------------------------------------------------------------------
    >

    =====

    Flávio Pereira

    ICQ 62382441

    flavio_it@hotmail.com (MSN)

    fpereirabr@yahoo.com.br

    Cel.: 9730-6277

    _______________________________________________________________________
    Desafio AntiZona: participe do jogo de perguntas e respostas que vai
    dar um Renault Clio, computadores, câmeras digitais, videogames e muito
    mais! www.cade.com.br/antizona

    ---------------------------------------------------------------------------
    KaVaDo provides the first and only integrated Web application scanner and
    firewall security suite that prevent Web applications attacks, the most
    common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
    http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
    ---------------------------------------------------------------------------

  • Next message: Brian W. Spolarich: "RE: Security Configuration guides provided by the Navy."