Re: WINDOWS 2000 SECURITY HOLE

From: Lanwench [MVP - Exchange] (lanwench_at_heybuddy.donotsendme.unsolicitedmail.atyahoo.com)
Date: 01/27/05

• Next message: josh82443: "How to find the IP of someone trying to Breakin?"
• Previous message: Wayne Gore: "How to locate the source of an account being locked out?"
• In reply to: IT_OPS: "WINDOWS 2000 SECURITY HOLE"
• Next in thread: Steven L Umbach: "Re: WINDOWS 2000 SECURITY HOLE"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Thu, 27 Jan 2005 11:03:52 -0500

IT_OPS wrote:
> I HAVE SEEN VERY BIG SECURITY HOLE IN MY NETWORK.I HAVE SINGLE
> WINDOWS DOMAIN AND DC IS ACTING AS FILE AND PRINT SERVER RUNNING ON
> SP4.ONE NORMAL USER WITHOUT ANY ADMIN RIGHTS FROM XP CAN ACCESS ALL
> THE SHARES AND COMPLTELY ADMINISTER DELETE FILES CAN SEE SECURITY LOG
> I MEAN HE CAN DO EVERYHTING.SAME USER IF HE GOES TO OTHER PC HE CAN
> NOT ACCESS ANYTHING MEANS IT IS NORMAL.AFTER THAT I UPDATE SERVER
> WITH ALL SECURITY PATCHES RELEASED AFTER SP4 AND CLIENT I PUT XP SP2
> BUT STILL THAT USER WITH THAT PROFILE HE IS HAVING ADMIN RIGHTS.
> ONE MORE THING IF I DELETE HIS PROFILE THEN IF HE LOGS ON THEN
> EVERYTHING IS NORMAL.MEANS SOMETHING ON THAT PC WITH HIS PROFILE IF
> OTHERS LOG ON TO THE SAME PC IT IS NORMAL.
> MY MANAGEMET AFTER SEEING THIS WANTS REMOVE COMPLETELY WINDOWS OS
> FROM THE NETWORK.PLEASE CAN ANYBODY HELP ME WHY IT IS HAPPENED.

What groups is this user in?
What permissions does this user have? Profiles don't have permissions -
users (and in AD, computer objects) do.
Please turn off your caps lock - it is hard to read and is considered
"shouting". Also note that this is a group for Windows 2000 - your question
seems to concern WinNT, and XP clients.

---

• Next message: josh82443: "How to find the IP of someone trying to Breakin?"
• Previous message: Wayne Gore: "How to locate the source of an account being locked out?"
• In reply to: IT_OPS: "WINDOWS 2000 SECURITY HOLE"
• Next in thread: Steven L Umbach: "Re: WINDOWS 2000 SECURITY HOLE"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Print Server Issue ... I have an odd issue. ... I have a Windows 2003 server I am using as a small ... print server. ... kman's Profile: http://forums.techarena.in/member.php?userid=47723 ... (microsoft.public.windows.server.general) Re: How do you all manage employee workstations? Looking for sugge ... When enabled roaming profiles, users have same profiles ... been authenticated within the directory service, the user profile, ... You can use group policy to assign software to all workstations. ... How to use Group Policy to remotely install software in Windows Server 2003 ... (microsoft.public.windows.server.sbs) Missing applications after XP clean install/reinstall - Help!! ... Here's my problem in a nutshell: I've reinstalled Windows XP SP2 clean. ... I've managed to get my main user profile back so I have all of my documents, ... I have the install disks for a lot of my major applications - Microsoft ... 40GB partition. ... (microsoft.public.windowsxp.setup_deployment) Re: Missing applications after XP clean install/reinstall - Help!! ... Here's my problem in a nutshell: I've reinstalled Windows XP SP2 clean. ... I've managed to get my main user profile back so I have all of my documents, ... I have the install disks for a lot of my major applications - Microsoft ... 40GB partition. ... (microsoft.public.windowsxp.setup_deployment) Re: Windows Server 2003 Service Pack 1 will not install ... You can try to install the Windows 2003 ... Expand to Windows Logs -> Application and right-click to select Save ... of the public folder database files. ... domain to the new SBS 2003 installation, way is to create a local profile, ... (microsoft.public.windows.server.sbs)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(12)