Solved

Easy VPN Question

Posted on 2004-09-13
8
290 Views
Last Modified: 2010-04-11
When I connect to a customers network through a vpn, does the customers domain admin account automatically get access to my hard disk drive ? or is the security automatically built into the vpn software to protect my pc ?

We use several vpn packages for different clients including Checkpoint, Cisco and Microsoft standard windows vpn

thanks
0
Comment
Question by:plq
  • 4
  • 3
8 Comments
 
LVL 16

Expert Comment

by:JammyPak
Comment Utility
>When I connect to a customers network through a vpn, does the customers domain admin account automatically get access to my hard disk drive ?

no, it doesn't.

>or is the security automatically built into the vpn software to protect my pc ?

no, it isn't - you still have to make sure your PC is secure - don't leave Admin password blank, don't leave Guest account enabled, etc.


0
 
LVL 8

Author Comment

by:plq
Comment Utility
Thanks, all the passwords are strong and the guest acct is turned off. But some PCs have "everyone - full control"  enabled- would that allow their administrators to access our hard drives on a workgroup (non domain) XP PC ?

thanks
0
 
LVL 16

Expert Comment

by:JammyPak
Comment Utility
Nope.
'Everyone' means 'Everyone who can successfully authenticate to this machine' - so in this case, that should not include anyone you don't want it to.
0
 
LVL 11

Expert Comment

by:PennGwyn
Comment Utility
No, "Authenticated Users" means  'Everyone who can successfully authenticate to this machine'.  "Everyone" means "Everyone".

If your machine is joined to the customer's domain, then their "Domain Admins" will have whatever permissions on your machine that group is given.  (I used to work in a company where I eventually provided all employees with a login script that re-added "Domain Admins" to their local "Administrators" group....)

0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 8

Author Comment

by:plq
Comment Utility
OK got it I think

customerdomain\administrator wouldn't authenticate on my box right  ? They'd get the logon dialog asking for credentials

Presumably the vpn software wouldn't fire a logon script under my credentials as that would be a security compromise ?
0
 
LVL 16

Expert Comment

by:JammyPak
Comment Utility
well, regardless, 'Everyone' does not mean that the domain admins will have any permissions to his XP machine that's in a workgroup - unless he's granted them permission explicitly (which is what he's concerned about). In this case, Everyone isn't truly 'Everyone'.

The main difference is that 'Everyone' includes 'Guest', which he's confirmed is disabled. Also, 'anonymous users' could do things like enumerate shares in previous OS versions, but that still wouldn't give them any resource access that isn't explicitly granted.

http://www.winnetmag.com/Web/Article/ArticleID/23581/23581.html
0
 
LVL 16

Accepted Solution

by:
JammyPak earned 125 total points
Comment Utility
>customerdomain\administrator wouldn't authenticate on my box right  ? They'd get the logon dialog asking for credentials

yes, unless you happened to have the exact same password for your administrator account


0
 
LVL 8

Author Comment

by:plq
Comment Utility
thanks
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

What’s a web proxy server? A proxy server is a server that goes between clients and web servers, used in corporate to enforce corporate browsing policy and ensure security. Proxy servers are commonly used in three modes. A)    Forward proxy …
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now