>Excuse me, but NT does NOT have excellent auditing/security. Internet
>hackers are just starting to wade into NT, and the more I talk to them
>the more gaping holes I find.
Would you mind substantiating this claim a little. I mean, anyone can
make this statement, but without some references to actual possible
attacks, its hardly useful on the Firewalls list is it? I do this stuff
for a living, and am very familiar with many past problems, some that
have been addressed and some that have not. However, in all that, I'm
unfamiliar with any GAPING HOLES in NT's security which cannot be
rectified with the tools included in a basic NT Server package. That
doesn't mean it prevents spoofing or session hijacking, but I don't
consider its inability to deal with these things out of the box as
GAPING HOLES.
A GAPING HOLE would be your ability to connect to a secured network
share without an appropriate user ID/password, or your ability to
read/modify the contents of SAM hive of the registry. Got a hack for
something like that?
>What??? NTFS is not encrypted! NTFS is not a secure file system! You can
>directly edit NTFS disk sectors from WITHIN NT! You can also boot to DOS
>and using the NTFS4DOS driver read any file regardless of encryption. You
>can also reinstall NT and Take Ownership of entire volumes! And if you
>physically transfer the hard disk to another NT box you can also take
>ownership, negating all file security!
O.k., I give, where is there a disk sector editor that works on NTFS
from WITHIN NT! I assume, by your emphasis on this supposed tool, that
it bypasses NTFS security and can be run by a non-Administrator user ID.
If, on the other hand, you are referring to the DIR command, or the TYPE
command, used by the Administrator user who has permissions in the
directory, and on the file in question, then obviously this is by no
means news.
As for the NTFS4DOS program(s), DOS and Linux versions exist, neither of
these programs have any decryption capabilities (re: your statement
"regardless of encryption"). As you pointed out already, NTFS is not
encrypted. Both the DOS and Linux versions are simple sector editors
which can understand the NTFS sector layouts. Whoop-ti-do! Sure, if you
thought NTFS provided encryption or security when NT WASN'T running,
then its news. Neither of these are "hacks" of NT, and neither should
pose a threat to any "properly secured" NT box that has data that is
meant to be confidential. I'm sure our friends at .MIL already know how
to secure the hard disks of their boxes on the classified network
(they've told me that over and over again during the first publication
of the NTFS reader many, many months ago).
Cheers,
Russ
"any sufficiently advanced technology is indistinguishable from
magic"...Arthur C. Clarke
>
|
|
