Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Easy VPN Question

Posted on 2004-09-13
8
Medium Priority
?
295 Views
Last Modified: 2010-04-11
When I connect to a customers network through a vpn, does the customers domain admin account automatically get access to my hard disk drive ? or is the security automatically built into the vpn software to protect my pc ?

We use several vpn packages for different clients including Checkpoint, Cisco and Microsoft standard windows vpn

thanks
0
Comment
Question by:plq
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 16

Expert Comment

by:JammyPak
ID: 12045675
>When I connect to a customers network through a vpn, does the customers domain admin account automatically get access to my hard disk drive ?

no, it doesn't.

>or is the security automatically built into the vpn software to protect my pc ?

no, it isn't - you still have to make sure your PC is secure - don't leave Admin password blank, don't leave Guest account enabled, etc.


0
 
LVL 8

Author Comment

by:plq
ID: 12045717
Thanks, all the passwords are strong and the guest acct is turned off. But some PCs have "everyone - full control"  enabled- would that allow their administrators to access our hard drives on a workgroup (non domain) XP PC ?

thanks
0
 
LVL 16

Expert Comment

by:JammyPak
ID: 12045924
Nope.
'Everyone' means 'Everyone who can successfully authenticate to this machine' - so in this case, that should not include anyone you don't want it to.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 11

Expert Comment

by:PennGwyn
ID: 12046054
No, "Authenticated Users" means  'Everyone who can successfully authenticate to this machine'.  "Everyone" means "Everyone".

If your machine is joined to the customer's domain, then their "Domain Admins" will have whatever permissions on your machine that group is given.  (I used to work in a company where I eventually provided all employees with a login script that re-added "Domain Admins" to their local "Administrators" group....)

0
 
LVL 8

Author Comment

by:plq
ID: 12046213
OK got it I think

customerdomain\administrator wouldn't authenticate on my box right  ? They'd get the logon dialog asking for credentials

Presumably the vpn software wouldn't fire a logon script under my credentials as that would be a security compromise ?
0
 
LVL 16

Expert Comment

by:JammyPak
ID: 12046231
well, regardless, 'Everyone' does not mean that the domain admins will have any permissions to his XP machine that's in a workgroup - unless he's granted them permission explicitly (which is what he's concerned about). In this case, Everyone isn't truly 'Everyone'.

The main difference is that 'Everyone' includes 'Guest', which he's confirmed is disabled. Also, 'anonymous users' could do things like enumerate shares in previous OS versions, but that still wouldn't give them any resource access that isn't explicitly granted.

http://www.winnetmag.com/Web/Article/ArticleID/23581/23581.html
0
 
LVL 16

Accepted Solution

by:
JammyPak earned 500 total points
ID: 12046275
>customerdomain\administrator wouldn't authenticate on my box right  ? They'd get the logon dialog asking for credentials

yes, unless you happened to have the exact same password for your administrator account


0
 
LVL 8

Author Comment

by:plq
ID: 12046309
thanks
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
Make the most of your online learning experience.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question