Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 297
  • Last Modified:

Easy VPN Question

When I connect to a customers network through a vpn, does the customers domain admin account automatically get access to my hard disk drive ? or is the security automatically built into the vpn software to protect my pc ?

We use several vpn packages for different clients including Checkpoint, Cisco and Microsoft standard windows vpn

thanks
0
plq
Asked:
plq
  • 4
  • 3
1 Solution
 
JammyPakCommented:
>When I connect to a customers network through a vpn, does the customers domain admin account automatically get access to my hard disk drive ?

no, it doesn't.

>or is the security automatically built into the vpn software to protect my pc ?

no, it isn't - you still have to make sure your PC is secure - don't leave Admin password blank, don't leave Guest account enabled, etc.


0
 
plqAuthor Commented:
Thanks, all the passwords are strong and the guest acct is turned off. But some PCs have "everyone - full control"  enabled- would that allow their administrators to access our hard drives on a workgroup (non domain) XP PC ?

thanks
0
 
JammyPakCommented:
Nope.
'Everyone' means 'Everyone who can successfully authenticate to this machine' - so in this case, that should not include anyone you don't want it to.
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
PennGwynCommented:
No, "Authenticated Users" means  'Everyone who can successfully authenticate to this machine'.  "Everyone" means "Everyone".

If your machine is joined to the customer's domain, then their "Domain Admins" will have whatever permissions on your machine that group is given.  (I used to work in a company where I eventually provided all employees with a login script that re-added "Domain Admins" to their local "Administrators" group....)

0
 
plqAuthor Commented:
OK got it I think

customerdomain\administrator wouldn't authenticate on my box right  ? They'd get the logon dialog asking for credentials

Presumably the vpn software wouldn't fire a logon script under my credentials as that would be a security compromise ?
0
 
JammyPakCommented:
well, regardless, 'Everyone' does not mean that the domain admins will have any permissions to his XP machine that's in a workgroup - unless he's granted them permission explicitly (which is what he's concerned about). In this case, Everyone isn't truly 'Everyone'.

The main difference is that 'Everyone' includes 'Guest', which he's confirmed is disabled. Also, 'anonymous users' could do things like enumerate shares in previous OS versions, but that still wouldn't give them any resource access that isn't explicitly granted.

http://www.winnetmag.com/Web/Article/ArticleID/23581/23581.html
0
 
JammyPakCommented:
>customerdomain\administrator wouldn't authenticate on my box right  ? They'd get the logon dialog asking for credentials

yes, unless you happened to have the exact same password for your administrator account


0
 
plqAuthor Commented:
thanks
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now