On Wednesday 19 June 2002 05:25, Sumit Dhar wrote: > I was wondering... If I have read/write access to a windows machine on > some company's network, could I compromise the entire network's security > in some way because of this access??
Yes and no. It depends on the type of access you gained, who is using the machine, if it's a server of some sort, does it share the same VLAN with servers, access rights, if you can physically access the machines etc. For example, if you can just get file access to some sensitive data, you could be able to delete or alter it. Since many people have weak or no password for their shares, this is quite common in large networks. And if the data is sensitive enough, you don't have to go further than altering the data to really make a disaster for that company. If you can access more than just a share on the network - i.e. if you use some tool for known exploit, you could gain administrative privileges on that machine (we're talking about some serious security, aren't we? so I presume machines are all NT, not 9x), you can get SAMs of all users that use that machine. Now, you can try to break all the other machines one by one if they share the same vulnerability, untill you find SAM of some administrator. Crack it, and U OWNZ DA NETWORK. ;-) It is often a common practice to have same local workstation administrator passwords, so it makes search a bit easier. To cut a long story short - if you can just access some windows share with bad or nonexistant password, you won't be able to compromise the entire network *just because of that*. But it doesn't mean that this isn't a good insertion point for further attacks. It depends on overall security measures, your access level and how tight the network/domain security has been set. -- Radoslav Dejanovic Senior Associate to Mayor's Office City of Zagreb, Croatia
