+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 21 of 21
Windows Thread, Renaming the Administrator Account in Technical; @Geoff So you don't allow acess to HTTPS at all at the schools you manage? Even if nobody orders on-line ...
  1. #16

    Join Date
    Mar 2006
    Posts
    537
    Thank Post
    2
    Thanked 3 Times in 2 Posts
    Rep Power
    19

    Re: Renaming the Administrator Account

    @Geoff
    So you don't allow acess to HTTPS at all at the schools you manage?

    Even if nobody orders on-line (e.g. Amazon, Dabs etc) many thirdparty VLEs and webmail services require HTTPs for secure logon.

    How do you counteract the ARP poisoning in the walk through you gave above?

  2. #17

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Renaming the Administrator Account

    So you don't allow acess to HTTPS at all at the schools you manage?

    Even if nobody orders on-line (e.g. Amazon, Dabs etc) many thirdparty VLEs and webmail services require HTTPs for secure logon.
    Online shopping is a breach of the AUP.
    Our VLE and email systems are accessable directly.

    How do you counteract the ARP poisoning
    You need to run an IDS.
    Some switches have Arp Spoofing protection (Cisco call it 'arp packet inspection' for example).

  3. #18

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115

    Re: Renaming the Administrator Account

    Imagine the HTTPS server was your remote file access server, $teacher connects, enters username & password, rogue box logs details
    ::concentrates:: Nope, can only imagine it being somone else's server.

    If you're rolling your own certs you should give people the CA cert to install along with the couple of lines it takes to explain cert security warnings i.e. if you get one then do NOT proceed.

    If there is a genuine case for remote access to sensitive files (rarely true) there are better ways of doing it.

  4. #19

    Join Date
    Oct 2005
    Location
    East Midlands
    Posts
    738
    Thank Post
    17
    Thanked 105 Times in 65 Posts
    Rep Power
    37

    Re: Renaming the Administrator Account

    One other thing to do is to deplay 802.1x authentication on the switches and then only allow all managed computers. This was no unknown or rouge PCs or devices get on the network either wired or wireless.

    One requirement of this is that you need switches that support 802.1x authentication and also need to deploy a RADIUS server but this is not a problem, you can use the Microsoft's IAS which comes with Windows Server 2000 or 2003.

    For the clients you need to use Windows XP or Windows 2000. I'm not linux man so i don't know which linux os (there are so many distributions!!!) that supports this.

    This solution has another advantage is that not only it stops but you can log it to sql server for all the successfull and failed authentication to find out if anyone is trying to get into your network.

    To be honest i don't think its too much of an issue to open 443, i mean most corporates have it open for their webmail etc, so we are only working in schools.

    Ash.

  5. #20

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Renaming the Administrator Account

    ARP works below TCP/IP. Therefore before 802.11x.

  6. #21

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115

    Re: Renaming the Administrator Account

    802.11X is supposed to be layer-2 authentication. I've yet to have the uhh.. pleasure of playing with it seriously, but I thought the only traffic that goes anywhere until after authentication is:

    a) PC <-> [AP|Switch|Whatever] <-> RADIUS

    I guess that doesn't stop you spitting out malicious wireless packets aimed at other wireless devices or just flooding it etc., but in principle it should be quite helpful for ARP poisoning.

    If anyone knows different, please tell..

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. Renaming menus
    By ianaddisonuk in forum Web Development
    Replies: 0
    Last Post: 12th August 2007, 02:01 PM
  2. Renaming W2003 DC
    By Simcfc73 in forum Windows
    Replies: 7
    Last Post: 1st April 2007, 10:54 AM
  3. types of administrator account
    By disinfo in forum Windows
    Replies: 21
    Last Post: 16th October 2006, 10:14 AM
  4. Replies: 14
    Last Post: 4th April 2006, 11:26 AM
  5. Administrator Account
    By Gatt in forum Windows Vista
    Replies: 0
    Last Post: 2nd April 2006, 09:51 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •