Re: Login Banner

["Remington Winters" <fyreguy () rivetgeek com>]

In windows 2000 this can be set in the group/domain policy if you wish to
avoid manually editing the registry.
----- Original Message -----
From: "Todd Plesco" <tod () megachump com>
To: <security-basics () securityfocus com>
Sent: Friday, December 20, 2002 2:58 PM
Subject: Re: Login Banner


> Sharon,
>
> Here is a sample message:
> Authorized Use Only!
>
> You must be assigned an account to access this computer and the network.
> The information on this computer and network is the property
> of this organization and is protected by intellectual property rights.
> Anyone using this system expressly consents to their activities being
monitored.
> The Graphical Identification and Authentication (GINA) at login that is
displayed can be interpreted as
> an invitation to breach system security. The "Welcome" caption on the
dialog box cannot be changed.
> However, you can enable a warning message dialog box to be displayed.
>
> NOTE: This dialog box is presented to the user after they press
CTRL+ALT+DEL and before the logon dialog
> box is presented.
>
> Windows NT and Later
> To enable a warning message to be displayed, make the following changes to
the registry:
> Start Registry Editor.
> From the HKEY_LOCAL_MACHINE subtree, go to the following subkey:
> SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
> Add or modify the following values:
>       Name                 Data Type   Value
> -----------------------------------------------
> LegalNoticeCaption   REG_SZ      Dialog Caption
> LegalNoticeText      REG_SZ      Dialog Message
>
>
> Windows 95 and Windows 98
> To enable a warning message, modify the following registry key:
> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon
> The string values will appear on the logon banner.
>
> Example:
> "LegalNoticeCaption"="Important Notice:"
> "LegalNoticeText"="No Unauthorized access allowed"
>
>
>
> On Fri, Dec 20, 2002 at 02:11:02PM -0500, sharon_joyner () timeinc com wrote:

> > Hello List,
> >
> > We have a small network consisting of an NT 4.0 Server with Win95, Win98
> > and W2k workstations connected to it. There are three versions of a
> > login banner popping up on these workstations and we need to standardize
> > to the one "official" version. We've changed the banner on the server,
> > but this has only changed some workstations. Most still have their old
> > login banner displaying. Can anyone tell me how can we push out the
> > changed login banner to all workstations?
> >
> > I've been doing mainframe (acf2/racf) security for 10 years and just
> > started working on our NT environment (didn't lose the MF resonsibility,
> > though), so I apologize if this question is overly simplistic. Please be
> > kind.
> >
> > Sharon Joyner, CISSP
> > IS Security Administrator
> > WPS, Tampa
> > 813-664-8147
> > Sharon_joyner () timeinc com
> >
> > -----------------------------------------------------------------------
> >
> > This message is the property of Time Inc. or its affiliates. It may be
> > legally privileged and/or confidential and is intended only for the use
> > of the addressee(s). No addressee should forward, print, copy, or
> > otherwise reproduce this message in any manner that would allow it to be
> > viewed by any individual not originally listed as a recipient. If the
> > reader of this message is not the intended recipient, you are hereby
> > notified that any unauthorized disclosure, dissemination, distribution,
> > copying or the taking of any action in reliance on the information
> > herein is strictly prohibited. If you have received this communication
> > in error, please immediately notify the sender and delete this message.
> > Thank you.
>
> --
> Todd Plesco
> tod () megachump com