***warning to windows network admins***
Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: ***warning to windows network admins***

  1. #1

    ***warning to windows network admins***

    Alot of you may know this already but I was looking around the schools network today and found quite a serious problem, any user can easily access computer management and alot more through "help" for those who already know this I am sorry to bother you but for those who don't DISABLE HELP I am surprised how many people either don't know this or haven't taken any action to stop it.

    James

    P.S. this information is meant for security purposes only NOT to cause harm...also is there any way to make posts that only higher members can view
    http://www.danasoft.com/sig/c0bra.jpg
    click here to hack my computer and delete all my important files

  2. #2
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    Does'nt making posts that only "Higher members can view" defeat the object of this site?
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  3. #3
    Junior Member
    Join Date
    Oct 2003
    Posts
    3
    and if there was a way to do that you would beable to view you own post

    :-p
    .:COW:. Gamers Network
    www.cowgamers.net
    #cowgamers on gamesnet

  4. #4
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    LOL @ cowgamers!!
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  5. #5
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    also is there any way to make posts that only higher members can view
    Sorta, both are earned site benefits.

    1) Conference rooms - A place where private threads can be posted by means of conference ID and conference password. You would have to distribute this to people you know, not specifically to seniors.
    2) Addicts forum - A place where you can go after you hit a certain number of posts. Refer to the site FAQ for the exact number but the trick here is that you have to earn the benefit before you can post in this special forum. Oh and that's where we seniors post all the *really* good stuff. LOL.

    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  6. #6
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,743
    Back to c0bra's post..

    What O/S are you talking about.. I assume MS products.. but are we talking 9x or NT based..?



    Cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  7. #7
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    He is talking NT based products. The give away is the Computer Management reference, which isn't a choice on 9X.

    Also, the issue he is talking about is well known (not to mention an intended feature). By default, you can use Computer Management to connect to other MS boxes and make all kinds of changes and gather tons of info on the boxes. To try this out, just grab 2 W2K boxes (or XP or W2K3) and throw them up on a small test network. Then right click on My Computer, select Manage, then select the Action pulldown menu and select Connect to Another Computer. Then select Browse, then Advanced, then Find. Select the computer from the list then ~PRESTO~ instant remote management.

    Anyway, this can easily be defeated by locking down workstations but there are hundreds of posts here that deal with that. I must have posted about half dozen of them myself.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  8. #8
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hi c0bra, and welcome to AO. Thanks for the post, it may well be an eye-opener for those who have not given it thought.

    We generally have a saying on AO: "RTFM" You would not be able to say that if you disable the "FM" (the help facility)? This would tend to increase the workload of the Sysadmin and support team? Furthermore, part of the learning process is finding out for yourself? e.g.

    1. The help facility (FM)
    2. Google Search
    3. Microsoft technical support website

    So it is not setting a good example, and might be counterproductive other than as a SHORT TERM measure whilst you lock your system down?

    I think thehorse13 has it when he says:

    Anyway, this can easily be defeated by locking down workstations but there are hundreds of posts here that deal with that. I must have posted about half dozen of them myself.
    You need to start with a SECURITY POLICY and work outwards from that. Security is multidimensional or layered in a networked environment. If you set up as a single user environment (WIN9x), you will be as weak as those environments.

    Just my 0.02

    Cheers

    I see no harm in being able to read about a feature if you are not authorised to use it?

  9. #9
    Senior Member
    Join Date
    May 2003
    Posts
    472
    well i actually tried what thehorse13 has told. I used Win XP Pro to connect to Win XP Pro and Win 2K machines......but no information is given out ..... for everything you will have no premissions even for viewing only u dont have permissions.......i suppose if the person knows ur logon id and password and logon on his system with same ID and Same passwd then i might be possible to change the settings...so i dont see much to panic...
    guru@linux:~> who I grep -i blonde I talk; cd ~; wine; talk; touch; unzip; touch; strip; gasp; finger; mount; fsck; more; yes; gasp; umount; make clean; sleep;

  10. #10
    You can't remotely administer a machine unless you're a member of the Domain Administrators group or the Local Admins group of the box that you're attempting to connect to through computer management (only then, it would be your domain account that would need to have membership) or if your domain account has the necessary perms at the domain level, etc.
    You're still able to view the machine and collect information which is dangerous enough on it's ownj

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •