Re: Scheduling NTBackup to mapped drive
- From: "Steve Moffat" <steve@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- To: "Exchange Weblist" <exchangelist@xxxxxxxxxxxxx>
- Date: Sun, 8 Aug 2004 23:38:49 +0100
ok...very easy...if the data that i required was that important....then
one would break into your server rack.....break your server case lock
and voila
-----Original Message-----
From: Jared Johnson [mailto:jaredsjazz@xxxxxxxxx]
Sent: Sunday, August 08, 2004 7:25 PM
To: Exchange Weblist
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive
http://www.MSExchange.org/
How in the WORLD can you get to my CD drives or floppy drives? You mean
to tell me your servers don't have a case on them that lock??? ALL of
mine do.
The fact that yours do not, speaks for itself. You can't even get to the
plugs, because, again, like all servers should be, they are beneath the
locked rack, and the rack is lock to the floor so it can't move.
Again, you've just spoken and said it out loud how insecure your servers
really are.
-----Original Message-----
From: Steve Moffat [mailto:steve@xxxxxxxxxxxxxxxxxxxxxxxxxx]
Sent: Sunday, August 08, 2004 6:16 PM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive
http://www.MSExchange.org/
OK Jared...
Say I'm in your secure server room....beside your secure server, which
you've secured by logging on and locking.
I put a sysinternals erd commander cd in your cd tray and then pull the
power on your server...it goes down, I plug it back in, server starts,
erd commander runs, I reset the admin account that it finds, or create a
new one, whichever, i then reboot, take out the erd cd and it boots to
the login screen...I can now logon. Had to do it many times because of
forgotten admin passwords on NT, 200 and 2003.
Steve
-----Original Message-----
From: Jared Johnson [mailto:jaredsjazz@xxxxxxxxx]
Sent: Sunday, August 08, 2004 6:58 PM
To: Exchange Weblist
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive
http://www.MSExchange.org/
LOL. Right. And I have some land in the Sierra I'd like to sell you.
How about the truth:
http://techrepublic.com.com/5100-6329-1058522.html
http://www.microsoft.com/smallbusiness/gtm/securityguidance/articles/ste
p_5_
use_strong_passwords.mspx (read, "But all too often...")
http://labmice.techtarget.com/articles/securingwin2000.htm (look at
"password protect your..." which mentions ALL SERVERS.)
http://www.cpc.unc.edu/projects/addhealth/data/restricteduse/security/wi
n200
0server (look at #2)
Answer me this: Why would microsoft give the ability to lock all their
server screens?? Because they don't want you to USE IT!? Again, this is
common sense.
LOL Whew, sorry, I just blew a few junks.
Hey my weak newbie, if your incredibly fragile ego can't take being
wrong, that's not my deal. SEE A SHRINK.
TALK ABOUT DENIAL
-----Original Message-----
From: Keith Duemling [mailto:kduemling@xxxxxxx]
Sent: Sunday, August 08, 2004 5:46 PM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive
http://www.MSExchange.org/
Trying to add some documented references to the two sides of this issue
I have found the following statement in a Microsoft Press book.
-----------------------------------------
Book: Microsoft Windows Security for Windows XP and Windows 2000 Inside
Out
Publisher: Microsoft Press
Copyright: 2003
ISBN: 0-7356-1632-9
Pages: 111-112
Background: Statement made in reference to using Syskey to add an
additional layer of login protection for Windows based systems.
Statement:
"Caution: Bear in mind that this added startup requirement provides no
additional protection once the computer is up and running. That is, if
an attacker can reach your unattended computer while an administrator
account is logged on, your passwords can be stolen. An attacker can
steal the LSASS cache of hashed passwords and copy it to a floppy disk
in seconds. Again, it comes down to physical security: Unless your
computer is always guarded by a person or a locked door, be sure to log
off when you leave the computer and ensure that all user accounts are
password protected."
-----------------------------------------
This article might be useful for those locking their servers.
http://www.microsoft.com/technet/prodtechnol/windows2000pro/tips/loccon.
mspx
Keith Duemling
//end
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
JaredsJazz@xxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
steve@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
This E-Mail is confidential. It is not intended to be read, copied,
disclosed or used by any person other than the recipient named above.
Unauthorised use, disclosure, or copying is strictly prohibited and may
be unlawful. Optimum IT Solutions disclaims any liability for any action
taken in connection of this E-Mail. The comments or statements expressed
in this E-Mail are not necessarily those of Optimum IT Solutions or its
subsidiaries or affiliates.
administrator@xxxxxxxxxxxxxxxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
JaredsJazz@xxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
steve@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Other related posts:
