Security Basics mailing list archives
Re: Login Banner
From: Gene <gyoo () attbi com>
Date: Mon, 23 Dec 2002 14:41:10 -0800
Todd Plesco wrote:
Sharon,Here is a sample message: Authorized Use Only!You must be assigned an account to access this computer and the network.The information on this computer and network is the property of this organization and is protected by intellectual property rights. Anyone using this system expressly consents to their activities being monitored. The Graphical Identification and Authentication (GINA) at login that is displayed can be interpreted as an invitation to breach system security. The "Welcome" caption on the dialog box cannot be changed. However, you can enable a warning message dialog box to be displayed. NOTE: This dialog box is presented to the user after they press CTRL+ALT+DEL and before the logon dialog box is presented.Windows NT and LaterTo enable a warning message to be displayed, make the following changes to the registry: Start Registry Editor.SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Add or modify the following values:From the HKEY_LOCAL_MACHINE subtree, go to the following subkey:Name Data Type Value ----------------------------------------------- LegalNoticeCaption REG_SZ Dialog Caption LegalNoticeText REG_SZ Dialog Message Windows 95 and Windows 98To enable a warning message, modify the following registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon The string values will appear on the logon banner.Example: "LegalNoticeCaption"="Important Notice:" "LegalNoticeText"="No Unauthorized access allowed"On Fri, Dec 20, 2002 at 02:11:02PM -0500, sharon_joyner () timeinc com wrote:Hello List, We have a small network consisting of an NT 4.0 Server with Win95, Win98 and W2k workstations connected to it. There are three versions of a login banner popping up on these workstations and we need to standardize to the one "official" version. We've changed the banner on the server, but this has only changed some workstations. Most still have their old login banner displaying. Can anyone tell me how can we push out the changed login banner to all workstations? I've been doing mainframe (acf2/racf) security for 10 years and just started working on our NT environment (didn't lose the MF resonsibility, though), so I apologize if this question is overly simplistic. Please be kind. Sharon Joyner, CISSP IS Security Administrator WPS, Tampa 813-664-8147 Sharon_joyner () timeinc com ----------------------------------------------------------------------- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you.
i think the requestor is looking for a mechanism such as hyena or other proprietary tool from netiq, etc... to push the changes throughout. of course you could use the ad gpo, but since the environment is hybrid, a small cost effective tool like hyena should be sufficient going forward with their nt/2000 environment...
gene -- <gyoo [at] attbi [dot] com>
Current thread:
- Login Banner sharon_joyner (Dec 20)
- Re: Login Banner Todd Plesco (Dec 23)
- Re: Login Banner Johannes Ullrich (Dec 23)
- Re: Login Banner Remington Winters (Dec 23)
- Re: Login Banner Gene (Dec 23)
- <Possible follow-ups>
- Re: Login Banner Chris Berry (Dec 23)
- RE: Login Banner Brian Dunbar (Dec 24)
- Login Banner stray+security-basics (Dec 30)
- Re: Login Banner Todd Plesco (Dec 23)