mailing list archives
Re: Removing the NIC cable = EoP?
From: Valdis.Kletnieks () vt edu
Date: Tue, 03 Oct 2006 10:37:16 -0400
On Mon, 25 Sep 2006 14:16:07 BST, c0redump () ackers org uk said:
How is the user able to get the internet while the network cable is unplugged?
Well, assuming the hack actually *works*, once you're logged on as a local
admin, you're free to plug the cable back in. (If the *real* issue here is
that your profile isn't available, it might get interesting if it happens to
show up once you're logged in. But I seem to remember that GPO is only
applied at logon, because you have to bounce active users to push a new
one. I'm not a windows guy so I may be wrong thought...)
Secondly, it is the proxy server in 99% of cases which restricts which
websites the user can/cannot visit, not the local policies.
One might hope that. But there's an awful lot of McSE (you want fries with that)
out there that:
a) Don't know how to set up a proxy server, but do know how to set a local policy.
b) Don't understand the difference between "default deny" and "default allow",
and why one leads to whack-a-mole website hunting....
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/