Vulnerability Development mailing list archives
the microsoft hack & windows 2000
From: Masial <masial () SECURED ORG>
Date: Mon, 30 Oct 2000 02:13:40 -0500
Hi list, I was reading this peice on /. about the MS hack and it got me thinking that microsoft might be right on something. <SNIP> "How about how someone who had the ability to create accounts on the network, if the incident only did last a week as the article implied, could only perhaps have a 'brief glimpse of the source code.' I don't know about you, but even on a 2400 baud modem, I think I could probably download more than a glimpse." </SNIP> Now I was saying to myself, well this guy is thinking NT. But in windows 2000, you can have a user thats able to create accounts in a certain scope while having absolutely no rights on the source safe servers. Is it possible that Windows2000 will bring new shades in accounts hacking? How do you get out of a partial-admin account? Where can you elevate your privileges? In light of the new Active Directory, you might have an account with the ability to change propreties A,B and C of an object while having a permission denided on some other. My real question here is, is that just security trough obscurity? Obsfucate your enemy. Or is it possible that splitting up the admin's rights prove helpfull to the security of Win2000 based networks? food for tought M.
Current thread:
- the microsoft hack & windows 2000 Masial (Oct 31)
- Re: the microsoft hack & windows 2000 Lincoln Yeoh (Nov 01)
- <Possible follow-ups>
- Re: the microsoft hack & windows 2000 Elliott Abraham (Nov 01)