Security Basics mailing list archives
Re: LAN issue
From: Steve Hillier <securityfocus () mastermindtoys com>
Date: Mon, 29 Oct 2007 11:13:30 -0400
2) To stop it from happening, you'll need to either: a) Stop them from being administrators on their machines (*That's* not going to happen - just google 'nordahl password' to see why)
Not so hopeless as you may think. First, set the BIOS on each machine to use the hard disk as the primary boot device (assuming you're booting from disk) and disable all other boot device selections. Second, set a supervisor password on the BIOS so that no unauthorised changes can be made. Third, physically secure the machine so that cannot be opened without permission to prevent any manual resetting of the BIOS. Booting tools from live CDs can circumvent any OS-level security you may have implemented. This would force all users into the OS before any access to the machine can take place, and maintains the integrity of your security policy. This isn't 100% guaranteed, but it will deter pretty much all of the casual problem users. Just my $0.02. sph On 10/26/2007 06:27 PM, Kurt Buff wrote:
1) To enumerate shares on student machines, one tool that I've found useful is Angry IP Scanner, found at http://www.angryziber.com/ipscan/. You'll want to grab the shares.dll plugin for it, if you're scanning from a Windows box. 2) To stop it from happening, you'll need to either: a) Stop them from being administrators on their machines (*That's* not going to happen - just google 'nordahl password' to see why) or b) Engineer your network so that SMB/CIFS doesn't work between the workstations on your LAN. (I find that highly unlikely also) Kurt On 25 Oct 2007 14:54:51 -0000, ankit.gupta.er () gmail com <ankit.gupta.er () gmail com> wrote:Hi, Please help me. I am in a college and I am been given a task by my lead. He has asked me scan the data student copy and past opening each other's computers eg. //172.2.2.2/c$ etc I want to know how to know about the number of drives student create logicaly. And can we stop it from happening.. And just a few minutes ago I was surfing over LAN. I faced a strange senario.. I was able to ping their workstation, was able to open their ip through cmd prompt but was not able to access the drives... help me out. m completely lost.. Thanks and Regard Ankit
Current thread:
- LAN issue ankit . gupta . er (Oct 25)
- RE: LAN issue Dan Denton (Oct 25)
- RE: LAN issue Jim Parkhurst (Oct 25)
- RE: LAN issue Robert D. Holtz - Lists (Oct 25)
- RE: LAN issue Kevin Ortloff (Oct 25)
- RE: LAN issue Murda Mcloud (Oct 26)
- RE: LAN issue Juan B (Oct 26)
- Re: LAN issue Kurt Buff (Oct 29)
- Re: LAN issue Steve Hillier (Oct 29)
- Re: LAN issue Dragos Ruiu (Oct 30)
- Re: LAN issue Steve Hillier (Oct 29)
- RE: LAN issue Dan Denton (Oct 25)