Re: Security issue in Windows 2000?

• Previous message: Chris Berry: "Re: Ten least secure programs"
• In reply to: hong li: "Security issue in Windows 2000?"
• Next in thread: dave klimen: "RE: Security issue in Windows 2000?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 2 Jul 2003 15:37:43 -0400 (EDT)
To: security-basics@securityfocus.com

hong: Date: Wed, 2 Jul 2003 07:35:12 -0700 (PDT)
hong: From: hong li <hong_li_98@yahoo.com>
hong: To: security-basics@securityfocus.com
hong: Subject: Security issue in Windows 2000?
hong:
hong: If you use the same password for the local
hong: administrator on workstations
hong: as all other servers's local administrator, (even
hong: domain administrator),the local administrator can gain
hong: full access to any servers without asking
hong: domain info if you logon locally using local
hong: administrator account. You even can map to
hong: \\servername\c$ whihout asking any domain users info.
hong:
hong: I recalled this never happenes in NT environment and
hong: it always pops you doamin userinfo when you access any
hong: server in the doamin if you log on locally.
hong:
hong: Is this the security hole in Windows 2000 environment
hong: or something else?
hong:
hong: Thanks in advance,
hong:
hong: Hong

Maybe the authentication credenitals are cached?

-- or --

(begin run-on sentence here)

If the local administrator of computer A has *GASP* the same password as
computer B (which we all know would be a bad thing to do, right class?)
then I believe that computer A will try to connect to computer B though
NTLMSSP using computer A's password.

(deep breath)

It is possible to disable all of the shares, expect IPC, in NT/2000.

 Scott Birl http://concept.temple.edu/sysadmin/
 Senior Systems Administrator Computer Services Temple University
====*====*====*====*====*====*====*====+====*====*====*====*====*====*====*====*

---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------

• Previous message: Chris Berry: "Re: Ten least secure programs"
• In reply to: hong li: "Security issue in Windows 2000?"
• Next in thread: dave klimen: "RE: Security issue in Windows 2000?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]