Focus on Microsoft
default for requiring authentication 2003 Jun 12 2008 02:45AM
Murda Mcloud (murdamcloud bigpond com) (5 replies)
RE: default for requiring authentication 2003 Jun 12 2008 06:47PM
Matt Roca (meroca peoplecube com)
RE: default for requiring authentication 2003 Jun 12 2008 05:40PM
David LeBlanc (dleblanc mindspring com)
RE: default for requiring authentication 2003 Jun 12 2008 04:38PM
Kurt Dillard (kurtdillard msn com) (1 replies)
RE: default for requiring authentication 2003 Jun 12 2008 10:22PM
Murda Mcloud (murdamcloud bigpond com) (1 replies)
Re: default for requiring authentication 2003 Jun 13 2008 02:34AM
Kevin (rot_betruger sbcglobal net) (1 replies)
RE: default for requiring authentication 2003 Jun 17 2008 01:10AM
Murda Mcloud (murdamcloud bigpond com)
Encode or encrypt?

Btw, did you know your emails seem to be coming through multiple times-and
it's happening for David LeBlanc as well. Is the list having a moment?

Thanks for the info.

> >-----Original Message-----
> >From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]]
> >On Behalf Of Kevin
> >Sent: Friday, June 13, 2008 12:34 PM
> >To: Murda Mcloud
> >Cc: focus-ms (at) securityfocus (dot) com [email concealed]
> >Subject: Re: default for requiring authentication 2003
> >
> >Don't forget about the "Allow anonymous enumeration of SAM Accounts and
> >Shares" under the security -> Network Access setting. If this is
> >disabled (or not allowed) then the "everyone" permissions only applies
> >to authenticated users. I have scripts that prep a machine post image
> >(ghosting) and in doing so must connect to server shares. At my company
> >we have the setting above disabled via GPO on all servers and I must use
> >an encoded vbs to do:
> >*objShell.run net use \\sever\share password /user:domain\user *
> >before I can access the share... however like everyone has said before,
> >by default this setting is not configured so everyone (including non
> >authenticated users) can access the data. But I must wonder why in the
> >world you'd fire up a server without having this in a default server
> >GPO. Tisk Tisk
> >
> >P.S.
> >I encode the vbs files since a password and user are stored in it.
> >
> >Murda Mcloud wrote:
> >> Thanks to all for the clarification and the links. He sounded so
> >convinced
> >> that I doubted myself.
> >>
> >> Kurt wrote;
> >>
> >>>> Your nemesis is thinking of older versions of Windows.
> >>>>
> >>
> >> Bwahaha! Moriarty is foiled again...through the deductive powers of the
> >> security focus list...
> >>
> >>
> >>>> -----Original Message-----
> >>>> From: listbounce (at) securityfocus (dot) com [email concealed]
> >[mailto:listbounce (at) securityfocus (dot) com [email concealed]]
> >>>> On Behalf Of Kurt Dillard
> >>>> Sent: Friday, June 13, 2008 2:39 AM
> >>>> To: 'Murda Mcloud'; focus-ms (at) securityfocus (dot) com [email concealed]
> >>>> Subject: RE: default for requiring authentication 2003
> >>>>
> >>>> Murda,
> >>>> You are correct, in Windows XP, 2003, and later the Everyone group
> >only
> >>>> includes Authenticated Users, it no longer includes Anonymous Users.
> >You
> >>>> can
> >>>> change this but Microsoft strongly recommends against doing so. Your
> >>>> nemesis
> >>>> is thinking of older versions of Windows.
> >>>>
> >>>> Kurt
> >>>>
> >>>> -----Original Message-----
> >>>> From: listbounce (at) securityfocus (dot) com [email concealed]
> >[mailto:listbounce (at) securityfocus (dot) com [email concealed]]
> >>>> On
> >>>> Behalf Of Murda Mcloud
> >>>> Sent: Wednesday, June 11, 2008 11:45 PM
> >>>> To: focus-ms (at) securityfocus (dot) com [email concealed]
> >>>> Subject: default for requiring authentication 2003
> >>>>
> >>>>
> >>>> I'm having a debate with someone over whether a 2003 server by
> >default
> >>>> (OOB)forces someone to authenticate(whether to a DC or to the server
> >>>> itself
> >>>> if standalone) before allowing access to files.
> >>>>
> >>>>
> >>>>
> >>>> He seems to think that the default is that no authentication is
> >required
> >>>> and
> >>>> consequently anyone could rock up and connect a laptop to a network
> >with
> >>>> that server on it and get access to files on it-as the EVERYONE group
> >is
> >>>> given read permissions to new folders etc.
> >>>>
> >>>>
> >>>>
> >>>> I say he is wrong but am looking hard to find something to back me
> >up.
> >>>>
> >>>> I understand that the guest account could access files as it is part
> >of
> >>>> the
> >>>> EVERYONE group but it's disabled by default-but still, there is an
> >>>> authentication process for guest to login
> >>>>
> >>>>
> >>>>
> >>
> >>
> >>
> >>

[ reply ]
RE: default for requiring authentication 2003 Jun 12 2008 04:27PM
James D. Stallard (james leafgrove com) (1 replies)
RE: default for requiring authentication 2003 Jun 12 2008 07:33PM
Kurt Dillard (kurtdillard msn com) (1 replies)
RE: default for requiring authentication 2003 Jun 13 2008 08:43AM
James D. Stallard (james leafgrove com) (1 replies)
RE: default for requiring authentication 2003 Jun 13 2008 04:25PM
Kurt Dillard (kurtdillard msn com)
RE: default for requiring authentication 2003 Jun 12 2008 04:14PM
Cawthray, Stewart (stewart cawthray td com)


 

Privacy Statement
Copyright 2010, SecurityFocus