Logon prompt question
From: x y (x@y.com)
Date: 11/12/02
- Next message: Danny Sanders: "Re: Logon prompt question"
- Previous message: Regan Stricker: "Re: Everyone Group Missing"
- In reply to: George J: "Logon prompt question"
- Next in thread: Danny Sanders: "Re: Logon prompt question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "x y" <x@y.com> Date: Tue, 12 Nov 2002 11:55:52 -0800
>-----Original Message-----
>Hello,
>
>Is there any advantage (from a security standpoint) at
leaving the Win2K
>logon prompt open on an web server? I know that this
would help if someone
>got physical access to the server, but what about a web
server that is
>physically secure? Would it make any difference?
I don't know what you mean by "open." If you mean, is it
safe to disable the requirement to press CTRL-ALT-DEL to
login, the answer is no, though it depends on your
security needs. If you disable the login screen, the ID
and password is stored in plain text in the registry, and
hackers could remotely read your registry.
If you mean not using a password-protected screen saver so
that the screen does not lock itself during periods of
inactivity, this is usually not recommended, but if you
believe the machine is physically secure enough for your
needs, go ahead.
Other things you should consider:
http://securityadmin.info/faq.htm#harden
- Next message: Danny Sanders: "Re: Logon prompt question"
- Previous message: Regan Stricker: "Re: Everyone Group Missing"
- In reply to: George J: "Logon prompt question"
- Next in thread: Danny Sanders: "Re: Logon prompt question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
