Home page logo
/

basics logo Security Basics mailing list archives

Re: LAN issue
From: Steve Hillier <securityfocus () mastermindtoys com>
Date: Mon, 29 Oct 2007 11:13:30 -0400

2) To stop it from happening, you'll need to either:

     a) Stop them from being administrators on their machines
          (*That's* not going to happen - just google 'nordahl
password' to see why)

Not so hopeless as you may think.

First, set the BIOS on each machine to use the hard disk as the primary
boot device (assuming you're booting from disk) and disable all other
boot device selections.

Second, set a supervisor password on the BIOS so that no unauthorised
changes can be made.

Third, physically secure the machine so that cannot be opened without
permission to prevent any manual resetting of the BIOS.

Booting tools from live CDs can circumvent any OS-level security you may
have implemented. This would force all users into the OS before any
access to the machine can take place, and maintains the integrity of
your security policy.

This isn't 100% guaranteed, but it will deter pretty much all of the
casual problem users.

Just my $0.02.

sph



On 10/26/2007 06:27 PM, Kurt Buff wrote:
1) To enumerate shares on student machines, one tool that I've found
useful is Angry IP  Scanner, found at
http://www.angryziber.com/ipscan/. You'll want to grab the shares.dll
plugin for it, if you're scanning from a Windows box.

2) To stop it from happening, you'll need to either:

     a) Stop them from being administrators on their machines
          (*That's* not going to happen - just google 'nordahl
password' to see why)
     or

     b) Engineer your network so that SMB/CIFS doesn't work between
     the workstations on your LAN.
          (I find that highly unlikely also)

Kurt

On 25 Oct 2007 14:54:51 -0000, ankit.gupta.er () gmail com
<ankit.gupta.er () gmail com> wrote:
Hi,


Please help me. I am in a college and I am been given a task by my lead.

He has asked me scan the data student copy and past opening each other's computers


eg.


//172.2.2.2/c$


etc


I want to know how to know about the number of drives student create logicaly.

And can we stop it from happening..


And just a few minutes ago I was surfing over LAN. I faced a strange senario..

I was able to ping their workstation, was able to open their ip  through cmd prompt but was not able to access the 
drives...


help me out. m completely lost..


Thanks and Regard

Ankit







  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]