Full Disclosure mailing list archives
Re: Networking security problem?
From: "Roy S. Rapoport" <full-disclosure () ols inorganic org>
Date: Thu, 10 Jul 2003 19:43:06 -0700
On Fri, Jul 11, 2003 at 10:56:26AM +1000, gregh wrote:
Am I being pedantic here? To my mind, if a password is required to use the machine locally, it should automatically require the network connection to be broken. XP goes back to the Welcome screen depending on your settings or the NT looking username and password box you would all know. I find it totally mystifying that a machine that is "protected" at keyboard level by a password so people cant get into it and look up sensitive info can still be gotten into at least by the local LAN and info STILL gained. The problem here is if a disgruntled employee went postal and knew this info, he/she could do what they want. I understand the programs and data could be protected in other ways but it also hit me that there must be quite a few small to medium companies living in a delirious limbo like this, too. Any comments? Am I just pedantic or is this really a headbanger?
Here's a nickel, kid. Go buy yourself a real OS. Network accessibility and managing network access to sensitive resources has little -- I'm sorry, *no* -- relation to keyboard & monitor access. My main server at home (on which I'm writing this right now!) is screenlocked. If it was not network-accessible while it was screenlocked, I'd be SOL. I was playing with screenlocked UNIX systems thirteen years ago; said systems were perfectly accessible via the net. This is a feature, not a bug. -roy _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Networking security problem? gregh (Jul 10)
- Re: Networking security problem? Roy S. Rapoport (Jul 10)
- RE: Networking security problem? Luca Mihailescu (Jul 10)
- <Possible follow-ups>
- RE: Networking security problem? Chris Cozad (Jul 10)
- RE: Networking security problem? ben . eisel (Jul 10)
- RE: Networking security problem? Ron DuFresne (Jul 11)
- Re: Networking security problem? roman . kunz (Jul 11)