RE: Security issue in Windows 2000?

From: Robert Sieber (securityfocus_at_different-thinking.de)
Date: 07/03/03

    To: "hong li" <hong_li_98@yahoo.com>, <security-basics@securityfocus.com>
    Date: Thu, 3 Jul 2003 21:35:52 +0200
    
    

    Hong,

    I think you are a little bit wrong! Since Windows NT, the following
    rule matches every situation:

    If two machines each have an account with the same username
    and password, the machines will trust each other for this particular
    user, irrespective of the domain or computer domain.

    Robert

    -- 
    http://board.protecus.de - Firewalls, Security and more ...
    www.different-thinking.de - Networks, Protocols, Security, ...
    > -----Original Message-----
    > From: hong li [mailto:hong_li_98@yahoo.com]
    > Sent: Wednesday, July 02, 2003 4:35 PM
    > To: security-basics@securityfocus.com
    > Subject: Security issue in Windows 2000?
    > 
    > 
    > If you use the same password for the local
    > administrator on workstations 
    > as all other servers' local administrator, (even
    > domain administrator), the local administrator can gain
    > full access to any servers without asking 
    > domain info if you logon locally using local
    > administrator account.  You even can map to
    > \\servername\c$ without asking any domain users info.
    > 
    > I recalled this never happens in NT environment and
    > it always pops you domain userinfo when you access any
    > server in the domain if you log on locally.  
    > 
    > Is this the security hole in Windows 2000 environment
    > or something else?
    > 
    > Thanks in advance,
    > 
    > Hong
