Re: Home network admin - can he browse my files?

On 9 Mar 2006, in the Usenet newsgroup alt.computer.security, in article
<1141912785.558503.123940@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>, myahact@xxxxxxxx wrote:

Can the network administrator log on through the network to my laptop as
"administrator" (or something else) and access my files?

Does the 'network administrator' have an account on your laptop? Does
that person know the/a password to any account?

I know he can intercept my internet communications (including passwords)
and that doesn't bother me, but I don't want him accessing my files.

As long as you are aware that all network traffic can be monitored.

I checked the properties for my C:\ drive and it is not shared, yet I have
this feeling there's another door somewhere...

Two things. First, do _ALL_ accounts on the laptop have "good" passwords?
By this I mean something that is not a word in any dictionary, has mixed
UPPER and lower case, at least one number, and one punctuation mark? Do
a google search for "CERT Advisory CA-2003-08" from March 2003, and see all
of the ineffectual passwords the 'deloder' worm was using to break into
computers world-wide.

Second - will anyone have unsupervised physical access to the computer?
With many computers, it takes only a few minutes to open the case, and
physically remove the hard disk - moving it to another computer where any
part of the disk can be copied to another location. The solution for that
is physical security, and an encrypted file system.

Passwords are the usual weak spot. All to many have no password, or something
absolutely any five year old can guess. The problem with "good" passwords is
that they are harder to remember. A solution to that is to use FOR EXAMPLE
the first letter of each word of a phrase - perhaps from a song, or the
motto of your school, or similar. Thus, "Twinkle, twinkle, little star, how
I wonder what you are" can become 'Ttl*h1wwUr' - except that I use this
example fairly often, and someone may guess it. So, use your own phrase.

I use XP Home, NTFS filesystem.

I don't, so pay attention to what the others have posted as well.

Old guy
.

Relevant Pages

  • Re: Unable to use "Policy Editor" in a Windows XP workstation
    ... The Network Administrator has already created all users in AD (Replicate the name from existing NOS). ... I am able to use the "Active Directory Users and Computers" ... A SAM account name differs from its domain account name. ...
    (microsoft.public.windows.server.general)
  • Re: Cant Access Device on LAN
    ... I also verified Guest account was activated and restictananymous was set ... Create matching user accounts and passwords on all machines. ... If one or more of the computers is XP Pro or Media Center, ...
    (microsoft.public.windowsxp.network_web)
  • Re: Unable to use "Policy Editor" in a Windows XP workstation
    ... And the Network Administrator is on annual leave and I am a helpdesk staff. ... My machine is still running a NOS other than Active Directory. ... An account does not exist on domain member computers. ... A SAM account name differs from its domain account name. ...
    (microsoft.public.windows.server.general)
  • Re: Problems with accessing Win2000 Server on Workgroup
    ... You'll want to create an account (in Users and Passwords) on the Win2k ... The server can ... But the computers can't access the folders I've shared on the ...
    (microsoft.public.windows.server.networking)
  • Re: Network trouble
    ... If you are using Classic file sharing on XP Pro, ... the same account, but a matching account must exist on the other machine. ... >> Does each PC have Users that employ passwords. ... >>> computers', both computers show up. ...
    (microsoft.public.windowsxp.general)