Easy VPN Question

When I connect to a customers network through a vpn, does the customers domain admin account automatically get access to my hard disk drive ? or is the security automatically built into the vpn software to protect my pc ?

We use several vpn packages for different clients including Checkpoint, Cisco and Microsoft standard windows vpn

thanks
LVL 8
plqAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
JammyPakConnect With a Mentor Commented:
>customerdomain\administrator wouldn't authenticate on my box right  ? They'd get the logon dialog asking for credentials

yes, unless you happened to have the exact same password for your administrator account


0
 
JammyPakCommented:
>When I connect to a customers network through a vpn, does the customers domain admin account automatically get access to my hard disk drive ?

no, it doesn't.

>or is the security automatically built into the vpn software to protect my pc ?

no, it isn't - you still have to make sure your PC is secure - don't leave Admin password blank, don't leave Guest account enabled, etc.


0
 
plqAuthor Commented:
Thanks, all the passwords are strong and the guest acct is turned off. But some PCs have "everyone - full control"  enabled- would that allow their administrators to access our hard drives on a workgroup (non domain) XP PC ?

thanks
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
JammyPakCommented:
Nope.
'Everyone' means 'Everyone who can successfully authenticate to this machine' - so in this case, that should not include anyone you don't want it to.
0
 
PennGwynCommented:
No, "Authenticated Users" means  'Everyone who can successfully authenticate to this machine'.  "Everyone" means "Everyone".

If your machine is joined to the customer's domain, then their "Domain Admins" will have whatever permissions on your machine that group is given.  (I used to work in a company where I eventually provided all employees with a login script that re-added "Domain Admins" to their local "Administrators" group....)

0
 
plqAuthor Commented:
OK got it I think

customerdomain\administrator wouldn't authenticate on my box right  ? They'd get the logon dialog asking for credentials

Presumably the vpn software wouldn't fire a logon script under my credentials as that would be a security compromise ?
0
 
JammyPakCommented:
well, regardless, 'Everyone' does not mean that the domain admins will have any permissions to his XP machine that's in a workgroup - unless he's granted them permission explicitly (which is what he's concerned about). In this case, Everyone isn't truly 'Everyone'.

The main difference is that 'Everyone' includes 'Guest', which he's confirmed is disabled. Also, 'anonymous users' could do things like enumerate shares in previous OS versions, but that still wouldn't give them any resource access that isn't explicitly granted.

http://www.winnetmag.com/Web/Article/ArticleID/23581/23581.html
0
 
plqAuthor Commented:
thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.