Totpark (Was New "worst nightmare" for network admins)



X-No-Archive: Yes


Sebastian Gottschalk wrote:
chilly8@xxxxxxxxxxx wrote:

You have been here before spouting the same tripe. Any network admin can
spot an unusual stream of encrypted data flowing to and from a workstation.
Depending on the environment, that can be an instant tip off that the user
is up to no good. An admin can also use tools to see what applications are
running on a workstation. Again, anything that looks out of the ordinary is
a red flag.

And you keep forgetting the admins ability to remotely view the screen of
any workstation, and the keystroke logging programs used by many companies
to give them hard copies of the legal backing for firing someone.

And there are programs on the market that can hunt down and destroy
these things. here are a number of anti-spyware programs that can hunt
down and destroy any keyloggers, application monitors, screen monitors,
etc, etc, placed on your machine.

And why should a user be able to execute such applications in first place?
Just remove exec rights globally (trivial on security-enhanced Linux,
trivial on Windows XP with Software Restriction policies, trivial with
certain third-party security solutions for Windows 2000 and NT4), and only
allow execution of all relevant applications.

And why should a user be granted with administrative privileges that are
required to shut down privileged daemons or to run such programs which
simply require administrative privileges to shut down privileged daemons?

All a big non-issue.\


However, there is a new browser that some hacker have released
called TorPark, which does not have to be installed on any machine. You
can carry it on one of these USB drives that fit on your keychain, and
plug that into any USB port and run the
executable. TorPark conneccts to the Tor network without having to
download and install the Tor software. It comes pre-configured to surf
via the Tor network. Its desinged to run in "restricted" enfiroments
where one does not have priveleges to install the Tor software. Whoever
came out with that browser will be the network admins WORST NIGHTMARE
COME TO LIFE.

.



Relevant Pages

  • Re: Totpark (Was New "worst nightmare" for network admins)
    ... spot an unusual stream of encrypted data flowing to and from a workstation. ... And why should a user be granted with administrative privileges that are ... TorPark conneccts to the Tor network without having to ...
    (comp.security.firewalls)
  • Re: Setup client computer over RDP connection? Or how?
    ... Default a fresh install doesn't have RD enabled, so you can't RD to it. ... I can log onto the client computer using the admin account, ... Log into the workstation over RDP, ...
    (microsoft.public.windows.server.sbs)
  • Re: Client machine problems after join of SMB2003 domain
    ... the usual process for joining a workstation to the domain is: ... disjoined the client machines from Domain1 and joined them to Domain2. ... I tried to install an update to Nero 7 and got 66 ... tried to isntall as local admin and when that failed as ...
    (microsoft.public.windows.server.sbs)
  • Re: Sudden Issues with DHCP & Remote Access
    ... I re-booted a test workstation, after doing a ipconfig/release and DNS ... Is the SBS second NIC disabled in the BIOS? ... Broadcom Netxtrem Gigabit on Server. ... Suitehelp.dll problem after SBS SP1 install. ...
    (microsoft.public.windows.server.sbs)
  • Re: Question on XP network security
    ... the user has administrator rights. ... >necessary privileges on his/her own workstation, ... have you considered using SMS to install apps remotely? ...
    (microsoft.public.windowsxp.security_admin)