Re: Dynamic DNS Vulnerability

1999-09-09 Thread Paul Leach (Exchange)
> -Original Message-
> From: 3xT [mailto:[EMAIL PROTECTED]]
> Sent: Monday, August 30, 1999 4:36 PM
>
> Currently most implementations of Dynamic DNS or "DDNS" rely
> upon only client IP addresses in an access list for
> authentication.

Windows 2000 uses TSIG and Kerberos for update authe

Re: IE 5.0 allows executing programs

1999-09-09 Thread Paul Leach (Exchange)
Despite how much I know it might pain some people, if one puts "http://windowsupdate.microsoft.com" in the "Trusted" zone, then one can still disable "safe for scripting" controls in the "Internet" zone and get the convenience of Windows Update without prompting. (You could still be DNS spoofed.

Re: IE and cached passwords

1999-09-01 Thread Paul Leach (Exchange)
> -Original Message-
> From: Aleph One [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, August 28, 1999 11:31 AM
>
> On Fri, Aug 27, 1999 at 07:04:53PM -0700, Paul Leach (Exchange) wrote:
> > The server gets to say, in the WWW-Authenticate challenge
> header field, fo

Re: IE and cached passwords

1999-08-28 Thread Paul Leach (Exchange)
The server gets to say, in the WWW-Authenticate challenge header field, for which "realm" it wants credentials (name+password). If both www.company.com and www.company.com:81 send the same realm, then the same password will continue to work. This behavior is as spec'd for HTTP Authentication, RFC

Re: IE5 ACL protected pages viewable from cache by unauthorized user

1999-08-19 Thread Paul Leach (Exchange)
The IE cache in Windows NT is per-user, and ACLd so only that user has access. From your description, it appears that the "unauthorized" user was running using the same account in the same logon session as the "authorized" user. (Closing the browser and reopening it doesn't count.) So, as far as t