RE: disabling 'connect as'

[Kent Spencer]

.. I'm a little confused as to your configuration? Are all the
   servers/workstations 2000? RunAS is a service on 2000 which
   could be stopped and set to manual to start. However, if the
   user has privileges to restart this does no good and why I suggest
   a policy to disable. If the user has a valid account he/she
   shouldn't have to use connect as or run as if you have security
   set properly. The only way to stop reinfecting your servers
   is to disable all shares until the users computers are virus' free
   which I doubt you can achieve. Users tend to scream when they can't
   get to information. Guess I need to hear more information.
Kent

--- "Miley, Dan" <[EMAIL PROTECTED]> wrote:
> how do you create a policy on a "rougue" computer,or passthrough
> authentication?
> 
> if they are connecting, and have valid ID and pwd it shouldn't matter
> what
> app provides it.  I thought the password prompting (through dialog,
> runas,
> or connectas) was local to the workstation.  
> 
> would you set a policy on the server machine to not allow network
> connections, or not allow that user?
> 
> Wondering,
> Dan
> 
> -
>
-----------------------------------------------------------------------
> Mathematics is music for the mind, music is mathematics for the soul.
> -
> Pythagoras
> 
> -----Original Message-----
> From: Kent Spencer [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, September 26, 2001 9:10 AM
> To: NT System Admin Issues
> Subject: RE: disabling 'connect as'
> 
> 
> .. better to implement a policy and disable this feature/object.
> 
> kent
> 
> --- "Miley, Dan" <[EMAIL PROTECTED]> wrote:
> > change their passwords, or disable their accounts
> > 
> > -----Original Message-----
> > From: Blair, Jason [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, September 25, 2001 3:48 PM
> > To: NT System Admin Issues
> > Subject: disabling 'connect as'
> > 
> > 
> > Our network was hit with the Nimba virus. All of the computers in
> our
> > control are protected. Rouge computers, however, can map to our
> > drives
> > using the 'connect as', 'connect using different user name', or
> > passthrough authentication. These rouge computers keep writing the
> > virus
> > back up to our shares. 
> >  
> > Is there any way to prevent this?
> >  
> > -Jason Blair
> > Y��<Z�"�zmʸ     z[lpjo�OE�rʸW�z{uzx%
> > This e-mail may be privileged and/or confidential, and the sender
> > does not
> > waive any related rights and obligations. Any distribution, use or
> > copying
> > of this e-mail or the information it contains by other than an
> > intended
> > recipient is unauthorized. If you received this e-mail in error,
> > please
> > advise me (by return e-mail or otherwise) immediately. 
> > 
> > Want to unsub? Do that here:
> > http://www.w2knews.com/rd/rd.cfm?id=unsub
> > Need a good FAQ? Try this one first:
> > http://www.ultratech-llc.com/KB/
> > 
> 
> 
> __________________________________________________
> Do You Yahoo!?
> Get email alerts & NEW webcam video instant messaging with Yahoo!
> Messenger.
> http://im.yahoo.com
> 
> Want to unsub? Do that here:
> http://www.w2knews.com/rd/rd.cfm?id=unsub
> Need a good FAQ? Try this one first:
> http://www.ultratech-llc.com/KB/
> This e-mail may be privileged and/or confidential, and the sender
> does not
> waive any related rights and obligations. Any distribution, use or
> copying
> of this e-mail or the information it contains by other than an
> intended
> recipient is unauthorized. If you received this e-mail in error,
> please
> advise me (by return e-mail or otherwise) immediately. 
> 
> Want to unsub? Do that here:
> http://www.w2knews.com/rd/rd.cfm?id=unsub
> Need a good FAQ? Try this one first:
> http://www.ultratech-llc.com/KB/
> 


__________________________________________________
Do You Yahoo!?
Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger. 
http://im.yahoo.com

Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/