On Wednesday 29 May 2002 11:16 am, Rauno Linnam�e wrote: > Hello, > > We are running a Debian (potato) box with Samba as PDC for user > authentication and file server for W2k LAN clients. Recently one of our > notebooks was stolen. As I can identify all the users who have ever logged > in via that notebook, and may have their samba password stored on the > machine, I revoked all these passwords. > > Can any of you think of any other steps I should take to minimise the risk > of some black-hat abusing the information stored by W2k against our > server/network? This is no way to think if you're a security geek, but if you want to make yourself feel better the person who stole your notebook is a mere theif and is incapable of using any information other than credit/financial information that can lead again to more theft.
On the other hand, purge the users' login's make a significant change to the username converntion since he/she knows what you currently use and can use this to his/her advantage for later brute force attacks. He also knows your internal address space information (ie your Internal ip addresses are now 'public),of course that is a significant network change if your dealing with several thousand hosts. > > Regards, > > Rauno -- ----------------------- Orlando Padilla [EMAIL PROTECTED] "I only drink to make other people interesting" www.g0thead.com/xbud.asc ----------------------- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
