Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Restricting file server to access to domain computers only.

from [jkowall] Network Security [Permanent Link]
Subject: Re: Restricting file server to access to domain computers only.
Date: Fri, 10 Jun 2005 13:10:06 -0400 
You can enforce certificates using the certificate server, and then
permissioning netbio based on certificates.

The best way it to shut down their network if it doesn't have a valid
certificate:
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/69d8484b-8e31-408c-a127-0042d47d4613.mspx

Personally if a user did that, I would just not give him admin
anymore.  Another option is a "disconnected" VM for them to develop
in, they can have admin there.

You can easily scan the network, and any box which doesn't accept your
credentials is consitered "rogue".

On 6/9/05, Kevin Green <securityfocus@kevin.3drealms.com> wrote:

Hello focus-ms,

Does anyone know how to prohibit computers from connecting to a Windows 2003 
Server share unless the
system they are connecting from is a member of the domain.

I a few "power users" and developers who keep removing there systems from the 
domain, and just
connecting to the server by browsing and using there domain credentials to 
login.  There access is
allowed and needed for them to do there work.  If I don't allow them to 
connect unless there system is
a part of the domain, that will solve the problem.

Kevin


---------------------------------------------------------------------------
---------------------------------------------------------------------------




---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Kerberos & NTLM Auth in IIS6, Trevor
Next by Date:  Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?, deadly . halo
Previous by Thread:  Restricting file server to access to domain computers only., Kevin Green
Next by Thread:  Re: Restricting file server to access to domain computers only., Kevin Green
Indexes:  [Date] [Thread] [Top] [All Lists]