Posted by Mark Randall on April 16, 2007, 6:51 am
It's a server without physical keyboard etc, and I presume RD locks the
computer the second a connection is made.
--
- Mark Randall
http://www.temporal-solutions.co.uk http://www.awportals.com
> Hello,
>
> The rule of thumb is that auto logon is a very bad idea. The ideal
> solution is modifying your programs such that they do not require the
> desktop and can be started by scheduled tasks.
>
> Of course, IT is hardly an ideal world. I have helped clients in
> similar situations before. There are a few things you can do: decrease
> the likelihood of someone gaining access to the console; decrease the
> scope of what someone could do once there; password protect the
> console; and monitor the system for anything suspicious.
>
> First, automatic logon means your computer's security is only as good
> as its physical security. Host your server at a data center with good
> locks and doors, procedures for allowing only authorized access, and a
> stable trustworthy staff. Do not tell the staff, if you can help it,
> about the automatic logon. Deploy the server headless (e.g., without
> the monitor, keyboard, and mouse.)
>
> Second, use a limited account. The account that automatically logs on
> should be a member of the Users group only, not Power Users or
> Administrators. Make certain the account does not have read access to
> C:\Windows\repair. Grant whatever permissions are necessary to run the
> programs but no more.
>
> You may want to RDP onto the console as this user (mstsc /v:computer
> /console). This will allow you to see what is occurring on the console
> desktop session. Thus, give the user permissions to use remote
> desktop.
>
> Third, lock the computer as quickly as possible. Your programs should
> still run. Configure the screen saver to come on after 10 minutes (or
> less) and to require a password. This shortens the time where, after a
> reboot, your server will be vulnerable.
>
> Fourth, keep a close eye on the event logs. Unexpected shutdowns may
> indicate that someone is power cycling the server in order to gain
> access. Enable logging and watch for unexplained processes starting
> under the console user's ID.
>
> Hope that helps,
>
> J Wolfgang Goerlich
>
>> Hi,
>>
>> I have a situation with a dedicated Windows 2003 server sitting in a data
>> center in the US, on it I have several programs running which are launched
>> on startup (login).
>>
>> I was wondering what the security implications would be of rigging it to
>> auto-login on boot if the only access was through remote desktop.
>>
>> --
>> - Mark Randall
>> http://www.temporal-solutions.co.uk http://www.awportals.com
>
>
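The event-log monitoring suggested in the quoted reply, as an added example that is not part of the original thread: it reviews an exported event list for unexpected shutdowns and for unexplained processes started by the auto-logon account, rating a process higher when it starts inside the 10-minute window before the screen saver locks the console. Assumptions: event ID 6008 (unexpected shutdown, System log) and 592 (process creation, Security log on Windows Server 2003 with process tracking audited); the CSV layout, account name and program paths are constructed for illustration.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample export (not real logs): time, log, event ID, user, detail.
SAMPLE = """\
2007-04-16 02:10:05,System,6008,N/A,The previous system shutdown was unexpected
2007-04-16 02:10:40,Security,592,SRV01\\svc_console,C:\\Apps\\worker.exe
2007-04-16 02:13:12,Security,592,SRV01\\svc_console,C:\\WINDOWS\\system32\\cmd.exe
2007-04-16 09:00:00,Security,592,SRV01\\Administrator,C:\\WINDOWS\\system32\\mmc.exe
2007-04-16 14:30:00,Security,592,SRV01\\svc_console,C:\\WINDOWS\\system32\\net.exe
"""

CONSOLE_USER = r"SRV01\svc_console"      # hypothetical auto-logon account
EXPECTED = {r"c:\apps\worker.exe"}       # hypothetical startup programs
UNLOCKED_WINDOW = timedelta(minutes=10)  # screen saver timeout from the reply


def review(export_text):
    """Return (severity, time, message) findings for the exported events."""
    findings = []
    last_unexpected = None  # time the most recent 6008 was logged (at boot)
    for ts, log, event_id, user, detail in csv.reader(io.StringIO(export_text)):
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        if log == "System" and event_id == "6008":
            last_unexpected = when
            findings.append(("warn", when, "unexpected shutdown recorded"))
        elif log == "Security" and event_id == "592":
            if user.lower() != CONSOLE_USER.lower():
                continue  # only the auto-logon account is of interest here
            if detail.lower() in EXPECTED:
                continue  # known startup program
            # A process started while the console was still unlocked after an
            # unexpected reboot matches the power-cycling scenario in the reply.
            in_window = (last_unexpected is not None
                         and when - last_unexpected <= UNLOCKED_WINDOW)
            severity = "high" if in_window else "warn"
            findings.append((severity, when, f"unexplained process {detail}"))
    return findings


if __name__ == "__main__":
    for severity, when, message in review(SAMPLE):
        print(f"{severity:5} {when} {message}")
```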