
RE: uh, oh (was:Re: w2k server compromised)

From: Thomas Cameron <ThomasC(at)mip.com>
Date: Wed Jan 29 2003 - 15:29:29 EST


I imagine that the local administrator's and the domain administrator's passwords are the same, and the laptop is passing the local account username/password pair to the server.

Just a SWAG.

Thomas Cameron, RHCE, CNE, MCSE, MCT
Best Software - MIP

-----Original Message-----
From: Dan Uscatu [mailto:duscatu@lunatech.ro]
Sent: Wednesday, January 29, 2003 10:04 AM
To: focus-ms@securityfocus.com
Subject: uh, oh (was:Re: w2k server compromised)

ok here are the conclusions:

 in order to create a second DC, one *must* set the DNS on this second computer to point to the first DC. don't ask why... my guess it has something to do with netbios names

 i have a DNS on linux on the network, it is resolving all computers including the first DC and the second one... but DCPROMO won't allow me to add the second DC for some obscure reason unless i set the DNS to point to the DC.

 anyway problem is solved, the server was reinstalled and all uid's are fine.

 but, what the hell:

 i am using my laptop outside the domain, logged in as local administrator. now i can access the c$ and d$ shares (and all others) on the DC without a password!!! can anyone guess why this thing is happening and what can i do to stop it?

p.s. the DC is not in internet so don't bother trying to get it :)

Received on Wed Jan 29 19:16:10 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:26 EDT