Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: Re: Disk (over)quota in Windows 2000

Re: Disk (over)quota in Windows 2000

From: Mikael Olsson <mikael.olsson_at_ENTERNET.SE>
Date: Wed, 1 Mar 2000 09:11:00 +0100

Peter Gutmann wrote:
>
> Dave Tarbatt - ACS <D.A.Tarbatt_at_BOLTON.AC.UK> writes:
>
> >I've been looking into disk quotas under Windows 2000 and have uncovered a
> >few anomalies. On top of a few peculiarities there appears to be a bug which
> >allows a user to exceed their disk quota by as much as they wish.
>
> Isn't this just a cluster-size filling issue? It looks like accounting is
> being done on a bytes-used basis but files are managed on a per-cluster basis,
> so it's possible to extend files out to fill the cluster without coming into
> conflict with the quota system.

Not "just" a cluster-size filling issue. The idea of quotas is preventing
people from using all available hard disk space, as that is a VERY effective
DoS. This bug means that W2K basically does not have any quotas, since it does
not provide that protection. 

--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK
Phone: +46 (0)660 105 50           Fax: +46 (0)660 122 50
Mobile: +46 (0)70 248 00 33
WWW: http://www.enternet.se        E-mail: mikael.olsson@enternet.se
Received on Mar 01 2000
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos