DESKTOP SECURITY ISSUE

DESKTOP SECURITY ISSUE
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
DESKTOP SECURITY ISSUE Rob 07-24-2006
Posted by =?Utf-8?B?Um9i?= on July 24, 2006, 5:48 am
If you were  Registered and logged in, you could reply and use other advanced thread options
I have encountered a major security issue when creating a desktop shortcut to
a so-called secure Windows server. The account from which the shortcut was
created has limited privileges associated with it. On opening the shortcut,
the user is not prompted for secure logon and the user has full privilges.
This is also the case when the user is only logged on as a local workstation
user (not logged on to the network). The network logon service is provided by
Novell and local logon by Windows. Even when the user account was deleted
from the server this problem persisted. It also persists at multiple Windows
stations. This implies that a user need only know the server name to get
access to that server. I have also managed to map the server as a drive in
Windows Explorer without logging in to the server.

Posted by karl levinson, mvp on July 24, 2006, 9:13 am
If you were  Registered and logged in, you could reply and use other advanced thread options



>I have encountered a major security issue when creating a desktop shortcut
>to
> a so-called secure Windows server.

Windows is only secure when securely configured. I strongly suspect this
"issue" has more to do with your configuration than with a security issue in
Windows. There is no way Windows could have existed for three or more years
without someone else discovering an issue like this.

You didn't tell us what version of Windows you're running. Is it Windows
2003?

> I have also managed to map the server as a drive in
> Windows Explorer without logging in to the server.

If your local account and password on the workstation also exist on the
server or in the domain, then you'll be granted access.

Windows could also be caching your user login credentials via a previous
mapped drive. Before you map the drive, do you see anything when you run
the NET USE command at a command prompt?

I also wonder if Windows is caching the files locally for when the server is
unavailable. On Windows XP, this feature is viewed under Tools, Folder
Options.

> The account from which the shortcut was
> created has limited privileges associated with it.

Limited privileges where? On the local workstation? Or on the files and
network share being used on the server?

> On opening the shortcut,
> the user is not prompted for secure logon and the user has full privilges.

What permissions does that user have on the Windows network share being used
to access those files?

By "full," I assume you mean read/write/modify/delete? Can the user also
change permissions on the files?

> Even when the user account was deleted
> from the server this problem persisted.

I would suggest enabling auditing on the Windows server and on those files
to confirm what user account is being used to access those files:

http://securityadmin.info/faq.asp?auditing

> It also persists at multiple Windows
> stations. This implies that a user need only know the server name to get
> access to that server.

Windows does not do this by default, unless you've intentionally configured
it to do so. Is the Guest account configured, for example?






Posted by Roger Abell [MVP] on July 25, 2006, 11:38 am
If you were  Registered and logged in, you could reply and use other advanced thread options
In addition to Karl's comments, check to see whether their is a definition
of credentials to be used set in the network credentials, i.e. while logged
in as that account go to control panel / user accounts, highlight the
account
and use the Manage my network passwords link

>I have encountered a major security issue when creating a desktop shortcut
>to
> a so-called secure Windows server. The account from which the shortcut was
> created has limited privileges associated with it. On opening the
> shortcut,
> the user is not prompted for secure logon and the user has full privilges.
> This is also the case when the user is only logged on as a local
> workstation
> user (not logged on to the network). The network logon service is provided
> by
> Novell and local logon by Windows. Even when the user account was deleted
> from the server this problem persisted. It also persists at multiple
> Windows
> stations. This implies that a user need only know the server name to get
> access to that server. I have also managed to map the server as a drive in
> Windows Explorer without logging in to the server.



Similar ThreadsPosted
Citrix, VPN, Remote Desktop and Wireless security November 18, 2005, 4:05 pm
Microsoft/Google Desktop Search - Security issues? August 24, 2005, 8:02 pm
IE URL Security issue maybe? October 5, 2005, 9:03 pm
Security issue June 7, 2006, 2:30 pm
file transfer security issue June 30, 2005, 11:06 am
Issue with DL's and security groups October 19, 2005, 10:47 am
Security issue with MS Exchange moving November 28, 2005, 5:08 pm
internet radio security issue June 7, 2006, 10:34 am
wireless and router; security issue August 20, 2006, 6:36 pm
Security Issue - Locked Out of My Own Drive August 5, 2007, 4:26 pm

The site map in XML format XML site map

Contact Us | Privacy Policy