Re: Access to network shares

Present generation access control on shares within Windows
is based on the account that is accessing, not the machine from
which the access originates.
You mentioned cert vs kerberos, but not whether you are
sure you are not forcing encryption of entire packet content,
which could be part of a slowing.

"Marianna" <mtomasatti@xxxxxxxxx> wrote in message
news:Oy8n8gHQHHA.4912@xxxxxxxxxxxxxxxxxxxxxxx
It's slow also ipsec with kerberos.
The server and the client is on test environment on Vmware GSX Server
connected on wireless network.
Probably my conf is wrong...
The parameter of security option doesn't help me?
Can I set the parameters of network access that helps me? What?
Thanks
Marianna

"Roger Abell [MVP]" <mvpNoSpam@xxxxxxx> ha scritto nel messaggio
news:%23$Hk8RHQHHA.4104@xxxxxxxxxxxxxxxxxxxxxxx
Have you tried IPsec based on Kerberos instead of certs,
and are you sure whether the slowing you mention is due
to having defined encryption of the entire packet to happen
instead of only enforcing a secure IPsec asssociation for
the traffic? At this time, using IPsec is the industry defined
way to ascertain the endpoints in a network exchange.

"Marianna" <mtomasatti@xxxxxxxxx> wrote in message
news:u2m62lGQHHA.1248@xxxxxxxxxxxxxxxxxxxxxxx
Hi,
is it possible to use the certificate, created from my CA (generated on
Windows 2003 Server Enterprise - CA Standalone or CA integrated with
AD), to access to network shares so that I am sure that the pc connected
is really that pc ?
And I can disable the possibility that anyone, knowing the user
credential, with a pc not authorized, can to be connect to network
shares ?
I cannot use the smart card for now and, configuring the network to use
IPsec and certificate, is very very slow the access to the network
shares.

That one I ask, is it possible?
If yes, there is any documentation?

Thanks
Marianna







.

Relevant Pages

  • Fwd: CERT Advisory CA-2003-08 Increased Activity Targeting Windows Shares
    ... poorly protected file shares. ... Intruders have been able to leverage poorly ... The network scanning associated with this activity is widespread but ... W32/Deloder attempts to compromise the Administrator ...
    (Bugtraq)
  • Re: Security update pulled back
    ... Recommended Update for Windows XP ... This update to internet Protocol Security Clients IPSec and L2TP/IPSec ... update if they use IPSec and/or L2TP Virtual Private Network ...
    (microsoft.public.security)
  • CERT Advisory CA-2003-08 Increased Activity Targeting Windows Shares
    ... reports of systems running Windows 2000 and XP compromised due to ... poorly protected file shares. ... The network scanning associated with this activity is widespread but ... W32/Deloder attempts to compromise the Administrator ...
    (Cert)
  • Re: XP Pro Map Network Drive Problem
    ... but I suggest trying the change covered in "A Windows XP Client Cannot Log On to a Windows NT 4.0 Domain" ... All these computers have had clean Windows ... made to the network setting. ... Windows Network/Workgroup and I can read and write from/to the shares ...
    (microsoft.public.windowsxp.network_web)
  • Re: auto mounting shares
    ... With a Windows network, live shares are always available in explorer ... I know I can achieve this on a Mac by putting the shares into Login ... Which network filesystem does the LinkStation use? ... You can automount NFS ...
    (uk.comp.sys.mac)