I think I may have found a security oversight.
From: Pete Grazaitis (pjgratz@yahoo.com)Date: 10/09/02
- Next message: Ahlala: "how can I prevent students from installing softwares on win98 machines (like on xp ones)"
- Previous message: Thor Kottelin: "Re: Authentication Question?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: pjgratz@yahoo.com (Pete Grazaitis) Date: 9 Oct 2002 12:14:39 -0700
Here is what I have found out.
We run a mixed environment, native domain windows 2000 network. We
use group policies and scripts to control our connecting clients,
which are a mix of workstation's,servers's and laptop's. Since laptop
people are in and out of the office they tend to just log in locally.
This is fine except for the unfortunate ability to completely
circumvent our login scripts and group policies. However, they do
have the ability (provided using the same name and password) to get at
all of the shares on the network. It doesnt matter if the share has
all NTFS permissions based on the domain and the connecting client is
not part of the domain. This happens whether the NTFS permissions are
defined on the user, global group, or local group objects. Is this a
big problem, or am I overlooking something.
The other thing I noticed was an XP client that thought one of the
login scripts was a potential virus and allowed the user to terminate
it. Anyway to lock that down too?
- Next message: Ahlala: "how can I prevent students from installing softwares on win98 machines (like on xp ones)"
- Previous message: Thor Kottelin: "Re: Authentication Question?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
