Firewall Wizards mailing list archives
RE: Proxy 2.0 secure?
From: Aleph One <aleph1 () dfw net>
Date: Tue, 23 Jun 1998 20:15:56 -0500 (CDT)
On Thu, 18 Jun 1998, Stout, Bill wrote:
Recently mnemonix discovered that various applications can be renamed to \winnt\system32\logon.scr (the logon screen saver) which run either with file owner privs or 'system' privs. Applications such as usermanager can be used to add a user to local admin groups and then domain admin groups. That's an example of so simple a thing that should've been discovered long ago. (Research on the behaviour still being conducted).
And if you followed the discussion you know that he must have been an admin because no one could reproduce his results as a regular user.
See: http://www.counterpane.com/pptp.html or postings by Aleph One in NTBugtraq. PPTP is going away in NT5.0 anyway.
Actually, as far as I know PPTP will be in NT5.0. They will probably try to deploy L2FP but they must keep backwards compatability.
Too many firewalls are reviewed and judged as if they were desktop user products instead of security products, then given points for feature-bloat rather than penalized for opening too many holes. I place the blame directly on magazine reviewers and the managers who swear by them. Bill Stout
Aleph One / aleph1 () dfw net http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
Current thread:
- RE: Proxy 2.0 secure? Stout, Bill (Jun 23)
- RE: Proxy 2.0 secure? Aleph One (Jun 24)
- <Possible follow-ups>
- RE: Proxy 2.0 secure? Grigorof, Adrian (Jun 24)
- Re: Proxy 2.0 secure? Gillian Steele (Jun 24)
- Re: Proxy 2.0 secure? tqbf (Jun 25)
- Re: Proxy 2.0 secure? Vanja Hrustic (Jun 25)
- Re: Proxy 2.0 secure? Kjell Wooding (Jun 25)
- Re: Proxy 2.0 secure? tqbf (Jun 26)
- Re: Proxy 2.0 secure? Ted Doty (Jun 25)
- Re: Proxy 2.0 secure? Mark Horn [ Net Ops ] (Jun 25)
- RE: Proxy 2.0 secure? Vanja Hrustic (Jun 25)
- RE: Proxy 2.0 secure? ark (Jun 25)