Penetration Testing mailing list archives
Re: Remote access and automatize user account creation (Windows XP)
From: Shreyas Zare <shreyas () technitium com>
Date: Fri, 7 May 2010 01:03:18 +0530
On Wed, May 5, 2010 at 11:23 PM, <sbesson () ymail com> wrote:
Hello everybody, One of my client who has great needs in security, is asking me two questions which I wasn't able to answer to : 1. My client is looking for a remote access software (such as VNC) which could allow 2 simultaneous sessions on Windows XP SP3. Are you aware of any software like this ? Also, which one is the best regarding security ? 2. The support/exploitation IT department has been complaining about having to enter credentials during the installation of an XP image. They are asking my client to automatize the creation of 2 local accounts w/o having to enter any credentials. This means that the credentials used in order to create both account have to be stored somewhere right ? (ie, in a script). What are the best security practice regarding this ? How to automatize the creation of a ressource (user account, etc.) which require authentication w/o having to enter password ? Thanks in advance for your help. Best regards, S. AIBI
Hi, You can use VNC itself by making user to dial a VPN connection first. This will make the VNC session secure. And for windows xp installation, I would recommend to use Windows Deployment Services (WDS) (previously known as Remote Installation Services). Installation thus can be made totally automated, you will just need to boot the machine from network. Local user creation then can be done by executing a VBS WMI script using active directory. Regards, -- ("The best way to predict the future is to invent it." -- Alan Kay) Shreyas Zare Sr. Information Security Researcher Secfence Technologies www.secfence.com ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Remote access and automatize user account creation (Windows XP) sbesson (May 06)
- RE: Remote access and automatize user account creation (Windows XP) Paul Griggs (May 06)
- Re: Remote access and automatize user account creation (Windows XP) Shreyas Zare (May 06)
- Re: Remote access and automatize user account creation (Windows XP) TAS (May 06)
- Re: Remote access and automatize user account creation (Windows XP) Susan Bradley (May 06)
- Re: Remote access and automatize user account creation (Windows XP) aryasheel.pradhan (May 07)