electraboy
ISP
I have a really scary security hole in my win2k server.
I provided access for the domain users like they need and all works fine. Users can't gain access to sources they don't require and vice versa as long as they are working on a station that is in the domain.
When working on a station that isn't in the domain, but just on the network for testing purposes and internet, users can access everything on the server, even c$ and ipc$ without being asked for a userid or a password.
The user that automatically is being logged on locally on the teststation doesn't even exists in the domain.
I even have access to the users home dir on which only for them is set read and write access...
Is there a supertrojan on my server ?? It is impossible to make anything foolproof because fools are so ingenious.
I provided access for the domain users like they need and all works fine. Users can't gain access to sources they don't require and vice versa as long as they are working on a station that is in the domain.
When working on a station that isn't in the domain, but just on the network for testing purposes and internet, users can access everything on the server, even c$ and ipc$ without being asked for a userid or a password.
The user that automatically is being logged on locally on the teststation doesn't even exists in the domain.
I even have access to the users home dir on which only for them is set read and write access...
Is there a supertrojan on my server ?? It is impossible to make anything foolproof because fools are so ingenious.
Murphy's Laws