RE: locked out of XP, need file access
From: Joey Peloquin (jpelo1_at_jcpenney.com)
Date: 12/29/03
- Previous message: Brian Dunbar: "Re: locked out of XP, need file access"
- In reply to: JGrimshaw_at_ASAP.com: "Re: locked out of XP, need file access"
- Next in thread: Adam Hawliczek: "Re: locked out of XP, need file access"
- Reply: Adam Hawliczek: "Re: locked out of XP, need file access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 29 Dec 2003 12:32:48 -0600 To: JGrimshaw@ASAP.com
Grimshaw,
[snip]
->To preface, I apologize if I am wrong. I also expect to be
->bashed for
->being harsh, but sometimes reality stings.
On the contrary, I'm surprised someone, including myself, hasn't brought
this up before. Or recently, at least, if it has been brought up before.
->A question that I have, is that if the box is his, and those
->files are his
->(and are important), how did he suddenly just "forget" the
->admin password?
-> What has he been using to log in on a daily basis? Why isn't the
->password for this box the same as the other local admin
->passwords on the
->network? Why is he administrating an XP box and then throwing up
->comparisons to Windows 98 PWL files? Why not connect to the
->network and
->log on with domain administrator rights? If he does not have
->the access,
->why not call their helpdesk and have one of the
->administrators do this?
ALL very valid questions.
Naturally, it is very possible he _did_ forget his password ... We've all
done it. However, it's also entirely possible the scenario Grimshaw laid
out below is right-on.
What I'd like to know is why someone is using the Admin account on a WinXP
box (or ANY multi-user box, for that matter) as if it was a regular user?
Do you realize the power you're giving away when an exploit yields
privileges *of the logged-on user*?
By the way, I would caution against setting every local admin password the
same, network-wide. It could be the difference between cleaning up one
"owned" server, as opposed to dealing with a data center *full* of "owned"
boxes.
->While I agree that sharing of wisdom is vital to the growth of this
->mailing list, the temperance of such wisdom should be considered. I
->shared this email with my co-workers, and we all thought a
->laptop fell out
->of the back of a truck into the requestor's lap.
->
->Perhaps it is because I do not trust email's originating from
->a hotmail
->address asking for a hack. Anyone can get a hotmail address
->with any
->information provided.
This is precisely why I typically don't answer these types of questions.
[snip]
Thanks for saying what I'm sure a lot of us were thinking.
Joey Peloquin
The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. If the reader of this message is not the intended recipient,
you are hereby notified that your access is unauthorized, and any review,
dissemination, distribution or copying of this message including any
attachments is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete the material from any
computer.
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Previous message: Brian Dunbar: "Re: locked out of XP, need file access"
- In reply to: JGrimshaw_at_ASAP.com: "Re: locked out of XP, need file access"
- Next in thread: Adam Hawliczek: "Re: locked out of XP, need file access"
- Reply: Adam Hawliczek: "Re: locked out of XP, need file access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
