Re: Privilege-escalation attacks on NT-based Windows are unfixable

From: David Hopwood (david.hopwood@zetnet.co.uk)
Date: 08/22/02 

Date: Thu, 22 Aug 2002 03:39:17 +0000
From: David Hopwood <david.hopwood@zetnet.co.uk>

-----BEGIN PGP SIGNED MESSAGE-----

RCC wrote:
> I'd say the only real issue with this "feature" is Terminal Server services
> in user mode. You will not allow users to log on locally on your servers
> other than terminal server (I know , IIS, but this is not a CONSOLE login
> therefore users cannot get the tools to it); if the users takes over the
> workstation, this is only a local machine issue, which does not compromises
> a well secured (layered) network.

So you're basically saying that local privilege escalation doesn't matter,
because it doesn't in itself allow remote attacks? That seems completely
bizarre to me.

What exactly is the point of an OS having all the security-related APIs,
file permissions, auditing features, etc. that NT has, if it doesn't seriously
attempt to prevent privilege escalation? Might as well use a single-user OS
in that case.

- --
David Hopwood <david.hopwood@zetnet.co.uk>

Home page & PGP public key: http://www.users.zetnet.co.uk/hopwood/
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5 0F 69 8C D4 FA 66 15 01
Nothing in this message is intended to be legally binding. If I revoke a
public key but refuse to specify why, it is because the private key has been
seized under the Regulation of Investigatory Powers Act; see www.fipr.org/rip

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBPWRbWDkCAxeYt5gVAQEEuAf/fS0ZdjI7WNFN/OVjmt/lewiUs0wdDosm
YORGDa4tQHkJxc9kG1VxKWoM1yaBJ2CKHspFR4KyKGVRmw4R9TMaorA17Lm2C6OQ
o/94LT7QorRwvWSjt0E4VfVqlYQpkoobmjdavuO3Q4UvsE6eRDp9L9psJr1aoZnO
16motD9EpZU5IZLWKayqbuAlE1bnUx0gQJx+7/GSN9naB91zSXbXEUM2ngdcwt79
CHFS/oEsTDiE8ZpRpah7OOj2XhauL9uyvzUZyiy0lD9G1YjzmTAm2cm8fC3CphnR
RIZa0rtno2pvKC9Cm8im3nJRVi4nb8N/456bN6XVYRVcuknYhO1Efw==
=vyQD
-----END PGP SIGNATURE-----

Relevant Pages

  • Re: UTM Appliance for Terminal Server
    ... I had read that Citrix had this feature but the ... simple solution when you are talking about a network-level or perimeter ... Server 2008 R2 (I think they call it Remote Desktop Host server now), ... Essentially, if you setup this feature, your Terminal Server can assign ...
    (microsoft.public.windows.terminal_services)
  • Access 2003 - Sandbox Mode - Setting Macro Security to Low
    ... My problem is that this application is run in a terminal server environment. ... Looking for options of turning this feature off. ... I don't have a digital signature and it looks ... are other developers handling this? ...
    (microsoft.public.access.macros)
  • Re: Privilege-escalation attacks on NT-based Windows are unfixable
    ... > I'd say the only real issue with this "feature" is Terminal Server services ... So you're basically saying that local privilege escalation doesn't matter, ... public key but refuse to specify why, it is because the private key has been ...
    (comp.os.ms-windows.nt.admin.security)
  • Re: Remove "Log On To" In RDP Login
    ... Microsoft MVP - Terminal Server ... userid blank, but it *should* work... ... there is an annoying "feature" of TweakUI that could be ... user changes it to a local logon. ...
    (microsoft.public.windows.terminal_services)