Re: Privilege-escalation attacks on NT-based Windows are unfixable

From: Edward Elliott (nobody@127.0.0.1)
Date: 08/22/02


From: Edward Elliott <nobody@127.0.0.1>
Date: Thu, 22 Aug 2002 19:29:57 GMT

david20@alpha1.mdx.ac.uk wrote:
> Depends what is done on the compromised workstation. For instance if a
> workstation is compromised and then a user on that workstation uses Kerberos
> then a program can easily grab that user's credentials.

In other words, it depends on your network trust model. If hosts on the
network are highly trusted, elevating privileges on one machine can be
disastrous. If the hosts are mutually untrusting, privilege escalation
won't buy an attacker much.

-- 
Edward Elliott



Relevant Pages

  • Re: Privilege-escalation attacks on NT-based Windows are unfixable
    ... > Depends what is done on the compromised workstation. ... elevating privileges on one machine can be ... If the hosts are mutually untrusting, ...
    (comp.security.misc)
  • Strange case of ping time-out
    ... They are all functioning properly except one workstation. ... This HP-Compaq d330 microtower cannot access the Internet via IE7. ... All our hosts get DNS and WINS ... and use the Cisco firewall as gateway. ...
    (microsoft.public.windows.server.networking)
  • Re: Limiting connection scope
    ... Windows firewall and alternatives are all user-oriented, ... This workstation is located on a network, boundaried by a firewall, and is ... prevented from connecting to other hosts within or outside the network. ...
    (comp.security.firewalls)
  • Re: Limiting connection scope
    ... Windows firewall and alternatives are all user-oriented, ... This workstation is located on a network, boundaried by a firewall, and is ... prevented from connecting to other hosts within or outside the network. ...
    (comp.security.firewalls)
  • HELP : W2K hosts having weird behaviour
    ... some rare hosts seems not to be reachable on the network, ... WS001 192.128.1.1 normal W2K workstation ... All WS00x are present in DNS table, ... WS002 doesn't answer to ping request, ...
    (microsoft.public.win2000.networking)