I think that you can create users/Groups with
different privilege level.
Then, try to insert this users in differents
Security policy.
I agree that Users and password cannot be locally
cached but when have LapTop users, It's necessary.
--- "fala83 (at) libero (dot) it [email concealed]" <fala83 (at) libero (dot) it [email concealed]> escreveu: >
In my opinion a system wouldn'n cache password
> locally.
> E.g. Sysadmin logs in into a workstation and
> password will be stored locally. An
> attacker could retrieve his password and login into
> the whole network whit
> administrative privileges. It is not completely
> safe.
> I'd rather prefer use Kerberos, using his tickets to
> access network resource
> without caching password.
> Anyway if the password must be stored locally, it
> must be!
>
>
> >Todd Shubert wrote:
> >
> > What exactly is the "right security policy"?
> Wouldn't not storing the
> > password provide problems for users, specifically
> laptop users, that
> > require the use of cached credentials?
>
>
>
------------------------------------------------------------------------
---
> KaVaDo provides the first and only integrated Web
> application scanner and
> firewall security suite that prevent Web
> applications attacks, the most
> common form of online exploitation. Download a FREE
> whitepaper on Security Policy Automation for Web
> Applications.
>
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
>
------------------------------------------------------------------------
---
>
=====
Flávio Pereira
ICQ 62382441
flavio_it (at) hotmail (dot) com [email concealed] (MSN)
_______________________________________________________________________
Desafio AntiZona: participe do jogo de perguntas e respostas que vai
dar um Renault Clio, computadores, câmeras digitais, videogames e muito
mais! www.cade.com.br/antizona
------------------------------------------------------------------------
---
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
------------------------------------------------------------------------
---
different privilege level.
Then, try to insert this users in differents
Security policy.
I agree that Users and password cannot be locally
cached but when have LapTop users, It's necessary.
--- "fala83 (at) libero (dot) it [email concealed]" <fala83 (at) libero (dot) it [email concealed]> escreveu: >
In my opinion a system wouldn'n cache password
> locally.
> E.g. Sysadmin logs in into a workstation and
> password will be stored locally. An
> attacker could retrieve his password and login into
> the whole network whit
> administrative privileges. It is not completely
> safe.
> I'd rather prefer use Kerberos, using his tickets to
> access network resource
> without caching password.
> Anyway if the password must be stored locally, it
> must be!
>
>
> >Todd Shubert wrote:
> >
> > What exactly is the "right security policy"?
> Wouldn't not storing the
> > password provide problems for users, specifically
> laptop users, that
> > require the use of cached credentials?
>
>
>
------------------------------------------------------------------------
---
> KaVaDo provides the first and only integrated Web
> application scanner and
> firewall security suite that prevent Web
> applications attacks, the most
> common form of online exploitation. Download a FREE
> whitepaper on Security Policy Automation for Web
> Applications.
>
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
>
------------------------------------------------------------------------
---
>
=====
Flávio Pereira
ICQ 62382441
flavio_it (at) hotmail (dot) com [email concealed] (MSN)
fpereirabr (at) yahoo.com (dot) br [email concealed]
Cel.: 9730-6277
_______________________________________________________________________
Desafio AntiZona: participe do jogo de perguntas e respostas que vai
dar um Renault Clio, computadores, câmeras digitais, videogames e muito
mais! www.cade.com.br/antizona
------------------------------------------------------------------------
---
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
------------------------------------------------------------------------
---
[ reply ]