Security Basics mailing list archives
Re: Mass Machine Login
From: Brian Loe <knobdy () gmail com>
Date: Tue, 24 Jan 2006 10:34:20 -0600
On 1/23/06, Adam Kane <kane () linkitsoftware com> wrote:
Ryan Cummings wrote:-----Original Message----- From: Ryan Cummings [mailto:ryan.r.cummings () gmail com] Sent: Tuesday, January 17, 2006 10:06 PM To: security-basics () securityfocus com Subject: Mass Machine LoginI feel having the same login/password on all 75 computers is a bad security practice.
I think that in some environments - a call center for instance - an auto-login actually improves security: User base which is likely volatile have no knowledge of password. All users have the same access (for apps and network). Less user administration - fewer opportunities to screw up. Default password can be very complex and changed often - daily even, for the most severely volatile user base. That's just off the cuff. I've implemented this solution for these reasons and many others, but essentially you wind up with a very controlled environment with limited apps running or available and very limited network access. Where I implemented it, for instance, the users only had access to their browser and only had access to the network enough to hit our internal webservers (which ran the app they needed to get to).
Are you talking about logging into all the computers via SSH or FTP or something like that or are you talking about having the computers automatically log in when booted?
This is what I'm wondering more about - details are everything here. As I recall, you are running XP machines, are they in AD? If so, you should be able to very easily change the login for all of them - for good or just the next reboot. There are a ton of scripts available from Microsoft to do just that.
Current thread:
- Mass Machine Login Ryan Cummings (Jan 20)
- RE: Mass Machine Login Joseph R. Gruber (Jan 23)
- Re: Mass Machine Login Adam Kane (Jan 24)
- Re: Mass Machine Login Brian Loe (Jan 25)
- Re: Mass Machine Login Bradley (Jan 25)
- Re: Mass Machine Login Nick Owen (Jan 25)
- Re: Mass Machine Login Adam Kane (Jan 24)
- Re: Mass Machine Login lonely wolf (Jan 23)
- Re: Mass Machine Login Jon Hart (Jan 23)
- Re: Mass Machine Login Ryan Cummings (Jan 23)
- Re: Mass Machine Login Alexander Klimov (Jan 23)
- RE: Mass Machine Login Tony Carter (Jan 24)
- Re: Mass Machine Login Vihang Dudhalkar (Jan 24)
- <Possible follow-ups>
- Re: Mass Machine Login Jamie Crawford (Jan 20)
- RE: Mass Machine Login Joseph R. Gruber (Jan 23)