Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: LAN issue

from [Steve Hillier] Network Security [Permanent Link]
Subject: Re: LAN issue
Date: Mon, 29 Oct 2007 11:13:30 -0400 
2) To stop it from happening, you'll need to either:

     a) Stop them from being administrators on their machines
          (*That's* not going to happen - just google 'nordahl
password' to see why)


Not so hopeless as you may think.

First, set the BIOS on each machine to use the hard disk as the primary
boot device (assuming you're booting from disk) and disable all other
boot device selections.

Second, set a supervisor password on the BIOS so that no unauthorised
changes can be made.

Third, physically secure the machine so that cannot be opened without
permission to prevent any manual resetting of the BIOS.

Booting tools from live CDs can circumvent any OS-level security you may
have implemented. This would force all users into the OS before any
access to the machine can take place, and maintains the integrity of
your security policy.

This isn't 100% guaranteed, but it will deter pretty much all of the
casual problem users.

Just my $0.02.

sph



On 10/26/2007 06:27 PM, Kurt Buff wrote:

1) To enumerate shares on student machines, one tool that I've found
useful is Angry IP  Scanner, found at
http://www.angryziber.com/ipscan/. You'll want to grab the shares.dll
plugin for it, if you're scanning from a Windows box.

2) To stop it from happening, you'll need to either:

     a) Stop them from being administrators on their machines
          (*That's* not going to happen - just google 'nordahl
password' to see why)
     or

     b) Engineer your network so that SMB/CIFS doesn't work between
     the workstations on your LAN.
          (I find that highly unlikely also)

Kurt

On 25 Oct 2007 14:54:51 -0000, ankit.gupta.er@gmail.com
<ankit.gupta.er@gmail.com> wrote:

Hi,


Please help me. I am in a college and I am been given a task by my lead.

He has asked me scan the data student copy and past opening each other's 
computers


eg.


//172.2.2.2/c$


etc


I want to know how to know about the number of drives student create 
logicaly.

And can we stop it from happening..


And just a few minutes ago I was surfing over LAN. I faced a strange 
senario..

I was able to ping their workstation, was able to open their ip  through cmd 
prompt but was not able to access the drives...


help me out. m completely lost..


Thanks and Regard

Ankit
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: DMZ - Question, Ansgar -59cobalt- Wiechers
Next by Date:  Re: NAT external/Public IP, Ansgar -59cobalt- Wiechers
Previous by Thread:  Re: LAN issue, Kurt Buff
Next by Thread:  Re: LAN issue, Dragos Ruiu
Indexes:  [Date] [Thread] [Top] [All Lists]