Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Removing the NIC cable = EoP?
From: Valdis.Kletnieks () vt edu
Date: Tue, 03 Oct 2006 10:37:16 -0400

On Mon, 25 Sep 2006 14:16:07 BST, c0redump () ackers org uk said:

How is the user able to get the internet while the network cable is unplugged?

Well, assuming the hack actually *works*, once you're logged on as a local
admin, you're free to plug the cable back in. (If the *real* issue here is
that your profile isn't available, it might get interesting if it happens to
show up once you're logged in.  But I seem to remember that GPO is only
applied at logon, because you have to bounce active users to push a new
one.  I'm not a windows guy so I may be wrong thought...)

Secondly, it is the proxy server in 99% of cases which restricts which
websites the user can/cannot visit, not the local policies.

One might hope that.  But there's an awful lot of McSE (you want fries with that)
out there that:

a) Don't know how to set up a proxy server, but do know how to set a local policy.
b) Don't understand the difference between "default deny" and "default allow",
and why one leads to whack-a-mole website hunting....

Attachment: _bin

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]