[windows2000] Re: How to tighten up your network - suggestions

  • From: Greg Reese <gareese@xxxxxxxxx>
  • To: windows2000@xxxxxxxxxxxxx
  • Date: Thu, 26 Mar 2009 12:20:57 -0500

also, have you looked at the Microsoft Shared Computing toolkit?

http://www.microsoft.com/windows/products/winfamily/sharedaccess/whatis/userrestrictions.mspx

and

http://www.microsoft.com/windows/products/winfamily/sharedaccess/default.mspx

On Thu, Mar 26, 2009 at 12:17 PM, Greg Reese <gareese@xxxxxxxxx> wrote:

> i think a gpo restricting 16 bit apps will choke out command.com,  a gpo
> to log off a user on roaming profile failure.  i think you can kill the run
> command with a gpo too.  Or perhaps a local policy instead.  Just restrict
> the mmc snapins list and registry tools while your at it.
>
>
>
>
> On Thu, Mar 26, 2009 at 12:12 PM, Patrick <london31uk@xxxxxxxxx> wrote:
>
>> ok guys, after some serious talking to, the kid has decided to let us in
>> on some of his tricks.
>>
>>
>>
>> 1.      Download zip files allows him to get to the C: drive by being
>> able to access the Temp Internet files.
>>
>> 2.      If he disconnects the computer from the network, it installs a
>> local profile for him, giving him access to the C: drive and the “Run”
>> command.
>>
>> 3.      He  runs a “compressed” cmd file from within PowerPoint.
>>
>> 4.      By running “Find Printer” he is able to find users accounts.
>>
>> 5.      He accesses “command.com” (the equivalent of cmd.exe).
>>
>> 6.      He runs cmd.exe to get to files on the servers.
>>
>>
>> Should this kid not be studying, rather than keeping me busy?
>>
>>
>> Anyway, just thought to share.
>>
>>
>>
>> Thanks
>>
>> Patrick
>>
>>  ------------------------------
>> *From:* Jim Kenzig http://thin.ms <jkenzig@xxxxxxxxx>
>> *To:* windows2000@xxxxxxxxxxxxx
>> *Sent:* Wednesday, March 25, 2009 11:54:33 PM
>> *Subject:* [windows2000] Re: How to tighten up your network - suggestions
>>
>> Yes I understand kids will be kids but it covers you.
>> Jim Kenzig
>> Blog: http://www.techblink.com
>> Twitter: http://twitter.com/kenzig
>> Twitter: http://twitter.com/InternetPilot
>>
>>
>> On Wed, Mar 25, 2009 at 11:40 AM, Patrick <london31uk@xxxxxxxxx> wrote:
>>
>>>  Hi Jim,
>>>
>>> This is an idea I have suggested, and I think there is a good case to
>>> push this forward. Whats I have found is that no matter how tight you try to
>>> make things the kids will seek to break in. In most cases because they do
>>> not understand what the consequences could be if enforced.
>>>
>>> Really annoying.
>>>
>>>
>>>
>>> Thanks
>>>
>>> Patrick
>>>
>>>  ------------------------------
>>> *From:* Jim Kenzig http://thin.ms/ <jkenzig@xxxxxxxxx>
>>> *To:* windows2000@xxxxxxxxxxxxx
>>> *Sent:* Wednesday, March 25, 2009 1:59:44 PM
>>>
>>> *Subject:* [windows2000] Re: How to tighten up your network -
>>> suggestions
>>>
>>> Well I am not sure about Australia but here we do have computer hacking
>>> laws and a simple "Your current computer activity appears to be illegal and
>>> you may be prosecuted if you do not cease and desist" dm to the computer may
>>> be enough.   You of course also make sure that you have a proper logon
>>> privacy message in place prior to logon that requires an OK click.
>>> Here is ours:
>>> THIS SYSTEM IS FOR USE OF AUTHORIZED PERSONS AND ACTIVITIES ONLY!
>>> Activities may be subject to monitoring, recording, and periodic audits
>>> The system and all content are property of CCPL and are NOT considered
>>> private.
>>> The organization may access any users accounts or communications.
>>> Anyone using this system expressly consents to the above and to all CCPL
>>> Policies and Rules regarding
>>> computer and Internet use and security.
>>>   OK
>>>
>>> This should cover you legally at least.
>>> Regards
>>> Jim Kenzig
>>> Blog: http://www.techblink.com
>>> Twitter: http://twitter.com/kenzig
>>> Twitter: http://twitter.com/InternetPilot
>>>
>>>
>>> On Wed, Mar 25, 2009 at 9:42 AM, Berny Stapleton <
>>> berny@xxxxxxxxxxxxxxxxx> wrote:
>>>
>>>> Yes, it was actually regedit and they were modifying the SAM.
>>>>
>>>> Quite clever really, but a little frustrating.
>>>>
>>>> 2009/3/25 Robert K Coffman Jr. -Info From Data Corp.
>>>> <bcoffman@xxxxxxxxxxxxxxxx>:
>>>>  > Scheduled task can run in System context & allow someone to launch a
>>>> cmd
>>>> > prompt or something with basically full control of the system.
>>>> >
>>>> > -----Original Message-----
>>>> > From: windows2000-bounce@xxxxxxxxxxxxx
>>>> > [mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Sorin Srbu
>>>> > Sent: Wednesday, March 25, 2009 3:39 AM
>>>> > To: windows2000@xxxxxxxxxxxxx
>>>> > Subject: [windows2000] Re: How to tighten up your network -
>>>> suggestions
>>>> >
>>>> > Could you please elaborate on the scheduler thing, what's that about?
>>>> Thx.
>>>> > --
>>>> > /Sorin
>>>> >
>>>> >
>>>> >>-----Original Message-----
>>>> >>From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-
>>>> >>bounce@xxxxxxxxxxxxx] On Behalf Of Berny Stapleton
>>>> >>Sent: Tuesday, March 24, 2009 9:38 PM
>>>> >>To: windows2000@xxxxxxxxxxxxx
>>>> >>Subject: [windows2000] Re: How to tighten up your network -
>>>> suggestions
>>>> >>
>>>> >>Oh, turn off the scheduler. Keep your patches up to date. (That's the
>>>> >>one that caught me)
>>>> >
>>>> >
>>>> > **********************
>>>> > To Unsubscribe, set digest or vacation
>>>> > mode or view archives use the below link.
>>>> >
>>>> > http://www.freelists.org/list/windows2000
>>>> >
>>>> **********************
>>>> To Unsubscribe, set digest or vacation
>>>> mode or view archives use the below link.
>>>>
>>>> http://www.freelists.org/list/windows2000
>>>>
>>>
>>>
>>>
>>
>>
>

Other related posts: