Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [OFF TOPIC] winxp home expusure

From: himba <himba () siol net>
Date: Tue, 23 Mar 2004 15:05:42 +0100
Richard Maudsley wrote:

The VNC server runs as a system service. It is able to function when there
are no users logged on.

What do you mean 'how bad'?
bad in security perspective - there are alot of 'rummors' and online articles about winXP home edition being the worst case for use in local area networks (company lan, not home lan). We are still running win98 on most of the desktops but notebooks we obtained recently have winxp home edition installed by default and didn't bother to use eg. win98 or winxp pro. though we will have to start using pro version if want to be able to use vpn and file access from outside of the lan. 



You are suggesting that Windows lies about the state of its network
interfaces?
hmm, yes, so what it actually closes are maybe just -home networking- connnections eg. no access to local shares ? So if somebody planted malicious program it would run always, no matter if someone is logged in or not.
If the actions performed upon log out would really close all network connections to the machine running winxp home I belive this would at least be one very good setting implemented by ms :) 

rgrds, himba


-rich

himba <himba () siol net> wrote:


Hi,

How bad is it to have Win XP HOME at work - in LAN ?
I ask for security reasons - I just logged off in winxp home from vncviewer and it said -closing all network connections ...- and my vnc connection still remained active :)? 

regards, himba

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html





_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: