Focus on Microsoft
default for requiring authentication 2003 Jun 12 2008 02:45AM
Murda Mcloud (murdamcloud bigpond com) (5 replies)
RE: default for requiring authentication 2003 Jun 12 2008 06:47PM
Matt Roca (meroca peoplecube com)
RE: default for requiring authentication 2003 Jun 12 2008 05:40PM
David LeBlanc (dleblanc mindspring com)
RE: default for requiring authentication 2003 Jun 12 2008 04:38PM
Kurt Dillard (kurtdillard msn com) (1 replies)
RE: default for requiring authentication 2003 Jun 12 2008 10:22PM
Murda Mcloud (murdamcloud bigpond com) (1 replies)
Thanks to all for the clarification and the links. He sounded so convinced
that I doubted myself.

Kurt wrote;
>>Your nemesis is thinking of older versions of Windows.

Bwahaha! Moriarty is foiled again...through the deductive powers of the
security focus list...

> >-----Original Message-----
> >From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]]
> >On Behalf Of Kurt Dillard
> >Sent: Friday, June 13, 2008 2:39 AM
> >To: 'Murda Mcloud'; focus-ms (at) securityfocus (dot) com [email concealed]
> >Subject: RE: default for requiring authentication 2003
> >
> >Murda,
> >You are correct, in Windows XP, 2003, and later the Everyone group only
> >includes Authenticated Users, it no longer includes Anonymous Users. You
> >can
> >change this but Microsoft strongly recommends against doing so. Your
> >nemesis
> >is thinking of older versions of Windows.
> >
> >Kurt
> >
> >-----Original Message-----
> >From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]]
> >On
> >Behalf Of Murda Mcloud
> >Sent: Wednesday, June 11, 2008 11:45 PM
> >To: focus-ms (at) securityfocus (dot) com [email concealed]
> >Subject: default for requiring authentication 2003
> >
> >
> >I'm having a debate with someone over whether a 2003 server by default
> >(OOB)forces someone to authenticate(whether to a DC or to the server
> >itself
> >if standalone) before allowing access to files.
> >
> >
> >
> >He seems to think that the default is that no authentication is required
> >and
> >consequently anyone could rock up and connect a laptop to a network with
> >that server on it and get access to files on it-as the EVERYONE group is
> >given read permissions to new folders etc.
> >
> >
> >
> >I say he is wrong but am looking hard to find something to back me up.
> >
> >I understand that the guest account could access files as it is part of
> >the
> >EVERYONE group but it's disabled by default-but still, there is an
> >authentication process for guest to login
> >
> >

[ reply ]
Re: default for requiring authentication 2003 Jun 13 2008 02:34AM
Kevin (rot_betruger sbcglobal net) (1 replies)
RE: default for requiring authentication 2003 Jun 17 2008 01:10AM
Murda Mcloud (murdamcloud bigpond com)
RE: default for requiring authentication 2003 Jun 12 2008 04:27PM
James D. Stallard (james leafgrove com) (1 replies)
RE: default for requiring authentication 2003 Jun 12 2008 07:33PM
Kurt Dillard (kurtdillard msn com) (1 replies)
RE: default for requiring authentication 2003 Jun 13 2008 08:43AM
James D. Stallard (james leafgrove com) (1 replies)
RE: default for requiring authentication 2003 Jun 13 2008 04:25PM
Kurt Dillard (kurtdillard msn com)
RE: default for requiring authentication 2003 Jun 12 2008 04:14PM
Cawthray, Stewart (stewart cawthray td com)


 

Privacy Statement
Copyright 2010, SecurityFocus