How to wreck a computer via a vpn connection and administr..

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Hi,

The question in short is: "How to wreck my own computer by loging into it
remotely via vpn connection with an administrator account" ;)

Most services are disabled etc (on the host which is windows xp)... ;)

Windows 98 <- vpn connection -> Windows XP
Bad Hacker Poor victim :)

Bye,
Skybuck.

"Skybuck Flying" <nospam@hotmail.com> wrote in message news:...
>
> "Tom Che [MSFT]" <v-tomche@online.microsoft.com> wrote in message
> news:bo2V59oPFHA.1960@TK2MSFTNGXA01.phx.gbl...
> > Hi Skybuck,
> >
> > Thank you for posting again.
> >
> > First, I would like to explain that our newsgroup is an issue based
> > service, meaning we usually respond to one question/issue per post.
This
> > will lessen the confusion for both of us, as well as ensure that our
> > results are accurate and not a result of a test for a different
question.
> > If you have additional question(s), please open a new post so that the
> > dedicated MS engineer can help you on it in a more efficient manner.
> Thank
> > you for your understanding and cooperation.
>
> Ok, I logged into my own computer as an administrator from another
computer
> which is running windows 98.
>
> Windows 98 doesn't have MMC so I guess this theory is now stuck ;) ?
>
> I did check out these things below locally. I don't see a services section
> anywhere... so I can't start any services remotely or maybe these can be
> started indirectly somehow ;) (?)
>
> Anyway I looked at all the group policies and stuff...
>
> But I don't see "Remote Desktop" anywhere...
>
> I do see other stuff like "Remote Assistance" and "Net meeting" etc.
>
> I am still interested in finding out if and how someone else with say
admins
> rights could wreck my computer via a vpn connection ;)
>
> Bye,
> Skybuck.
>
> >
> > To modify GPO remotely, please refer to the following steps:
> >
> > Step 1
> > Click start -> Run, and then input mmc; click OK.
> >
> > Step 2
> > Click File -> Add/Remove Snap-in, and then click Add button in the
pop-up
> > window. Select Group Policy Object Editor, and then click Add button.
> >
> > Step 3
> > Click Browse button, and then click Computers tab. Select Another
> > computer, and then input the computer name you want to modify, or click
> > Browse button to find it.
> >
> > Step 4
> > Click OK, and then Click Finish button. Now you can modify this
> computer's
> > GPO if you have Administrator permission.
> >
> > Have a nice day!
> >
> > Sincerely,
> > Tom Che
>
>
3 answers Last reply
More about wreck computer connection administr
  1. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    Hi Skybuck,

    Thank you for posting and this is Tom again. :)

    From your post, my understanding of this issue is: How to wreck a computer
    with Windows XP by logging into it remotely via VPN connection, when the
    hacker having an Administrator Account of Windows XP is using Windows 98
    client. If this is not correct, please feel free to let me know.

    To be frank with you, I don't understand why you always suppose that your
    Administrator Account had been stolen. The Administrator Account is
    top-drawer for an administrator of a computer or a network, because this
    account is sovereign in the computer or network. Therefore, the
    administrator should do his best to protect his account, and had better not
    empower anybody for anything unless he can be trusted totally.

    To protect Administrator Account better:
    --------------------------------------
    1. Change the name - If you keep the name the same as the default, this
    provides 1/2 of the information that an attacker needs to log on as the
    account. You can change the name to obfuscate the account to novice
    hackers, such as Mike Lee.

    2. Reset the description - Since the description of the Administrator
    Account states that it is the default Administrator Account, changing this
    (or deleting it) will help protect it.

    3. Create a "false" Administrator Account - There are many attackers that
    are just looking for the name Administrator. So, if you create an account
    that has no privileges and is even disabled, the attacker will not have a
    chance to gain access to your network under this account.

    4. Configure a complex password for the account - Observe the following
    Password Rules:
    - Must be 8 characters long at least.
    - Must have at least 1 capital letter, 1 lower case letter, and 1 number or
    punctuation, but no spaces.
    - Cannot be based on your name, NetID, or on words found in a dictionary.
    - Cannot be based on simple repeating patterns.

    5. If you found any evidence that the Administrator Account had been
    stolen, you must change the old password immediately.
    --------------------------------------

    Back to your question, if a hacker using Windows 98 logged on your Windows
    XP with Administrator Account via VPN, he can full control all resources on
    Windows XP, such as read and write even delete all files just with My
    Network Places... Is this a "wreck" or not? ;)

    I believe that actually you want to protect your computer, so please
    protect your Administrator Account above all.

    Have a nice weekend!

    Sincerely,
    Tom Che

    Microsoft Online Partner Support
    Get Secure! - www.microsoft.com/security
    =====================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    =====================================================
    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    >From: "Skybuck Flying" <nospam@hotmail.com>
    >Newsgroups: microsoft.public.windowsxp.work_remotely
    >Subject: How to wreck a computer via a vpn connection and administrator
    account ?
    >Date: Thu, 14 Apr 2005 17:55:56 +0200
    >Organization: @Home Benelux
    >Lines: 84
    >Message-ID: <d3m3iu$atr$1@news3.zwoll1.ov.home.nl>
    >NNTP-Posting-Host: cp250405-a.landg1.lb.home.nl
    >X-Trace: news3.zwoll1.ov.home.nl 1113493918 11195 84.25.126.9 (14 Apr 2005
    15:51:58 GMT)
    >X-Complaints-To: usenet@corp.home.nl
    >NNTP-Posting-Date: Thu, 14 Apr 2005 15:51:58 +0000 (UTC)
    >X-Priority: 3
    >X-MSMail-Priority: Normal
    >X-Newsreader: Microsoft Outlook Express 6.00.2800.1437
    >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441
    >Path:
    TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed00.sul.t-online.de!t-onli
    ne.de!fr.ip.ndsoftware.net!feeder.enertel.nl!nntpfeed-01.ops.asmr-01.energis
    -idc.net!feeder.xsnews.nl!feeder.news-service.com!newshub2.home.nl!newshub1.
    home.nl!home.nl!not-for-mail
    >Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windowsxp.work_remotely:10933
    >X-Tomcat-NG: microsoft.public.windowsxp.work_remotely
    >
    >Hi,
    >
    >The question in short is: "How to wreck my own computer by loging into it
    >remotely via vpn connection with an administrator account" ;)
    >
    >Most services are disabled etc (on the host which is windows xp)... ;)
    >
    >Windows 98 <- vpn connection -> Windows XP
    >Bad Hacker Poor victim :)
    >
    >Bye,
    > Skybuck.
    >
    >"Skybuck Flying" <nospam@hotmail.com> wrote in message news:...
    >>
    >> "Tom Che [MSFT]" <v-tomche@online.microsoft.com> wrote in message
    >> news:bo2V59oPFHA.1960@TK2MSFTNGXA01.phx.gbl...
    >> > Hi Skybuck,
    >> >
    >> > Thank you for posting again.
    >> >
    >> > First, I would like to explain that our newsgroup is an issue based
    >> > service, meaning we usually respond to one question/issue per post.
    >This
    >> > will lessen the confusion for both of us, as well as ensure that our
    >> > results are accurate and not a result of a test for a different
    >question.
    >> > If you have additional question(s), please open a new post so that the
    >> > dedicated MS engineer can help you on it in a more efficient manner.
    >> Thank
    >> > you for your understanding and cooperation.
    >>
    >> Ok, I logged into my own computer as an administrator from another
    >computer
    >> which is running windows 98.
    >>
    >> Windows 98 doesn't have MMC so I guess this theory is now stuck ;) ?
    >>
    >> I did check out these things below locally. I don't see a services
    section
    >> anywhere... so I can't start any services remotely or maybe these can be
    >> started indirectly somehow ;) (?)
    >>
    >> Anyway I looked at all the group policies and stuff...
    >>
    >> But I don't see "Remote Desktop" anywhere...
    >>
    >> I do see other stuff like "Remote Assistance" and "Net meeting" etc.
    >>
    >> I am still interested in finding out if and how someone else with say
    >admins
    >> rights could wreck my computer via a vpn connection ;)
    >>
    >> Bye,
    >> Skybuck.
    >>
    >> >
    >> > To modify GPO remotely, please refer to the following steps:
    >> >
    >> > Step 1
    >> > Click start -> Run, and then input mmc; click OK.
    >> >
    >> > Step 2
    >> > Click File -> Add/Remove Snap-in, and then click Add button in the
    >pop-up
    >> > window. Select Group Policy Object Editor, and then click Add button.
    >> >
    >> > Step 3
    >> > Click Browse button, and then click Computers tab. Select Another
    >> > computer, and then input the computer name you want to modify, or click
    >> > Browse button to find it.
    >> >
    >> > Step 4
    >> > Click OK, and then Click Finish button. Now you can modify this
    >> computer's
    >> > GPO if you have Administrator permission.
    >> >
    >> > Have a nice day!
    >> >
    >> > Sincerely,
    >> > Tom Che
    >>
    >>
    >
    >
    >
  2. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    Ok, maybe I dont wanna wreck my computer.

    Maybe I just wanna find out how to enable/disable things.

    Currently I have no idea how to do that ?

    Especially the services stuff...

    As stated windows 98 doesn' have the mms console so how to proceed ?
  3. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    Hi Skybuck,

    Thanks for reply.

    If you disable Remote Desktop and so on, it's really not easy to do
    something dangerous in Windows 98 via VPN to your Windows XP. We cannot
    remotely modify Services or GPO etc in Windows 98. Maybe it's safe now.
    But, I'm not a hacker... Maybe they can do something other guys cannot...

    Have a nice day!

    Sincerely,
    Tom Che

    Microsoft Online Partner Support
    Get Secure! - www.microsoft.com/security
    =====================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    =====================================================
    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    >From: "Skybuck Flying" <nospam@hotmail.com>
    >Newsgroups: microsoft.public.windowsxp.work_remotely
    >Subject: Re: How to wreck a computer via a vpn connection and
    administrator account ?
    >Date: Wed, 20 Apr 2005 20:43:00 +0200
    >Organization: @Home Benelux
    >Lines: 12
    >Message-ID: <d467je$gde$1@news2.zwoll1.ov.home.nl>
    >References: <d3m3iu$atr$1@news3.zwoll1.ov.home.nl>
    <mOksr9bQFHA.3704@TK2MSFTNGXA02.phx.gbl>
    >NNTP-Posting-Host: cp250405-a.landg1.lb.home.nl
    >X-Trace: news2.zwoll1.ov.home.nl 1114022318 16814 84.25.126.9 (20 Apr 2005
    18:38:38 GMT)
    >X-Complaints-To: usenet@corp.home.nl
    >NNTP-Posting-Date: Wed, 20 Apr 2005 18:38:38 +0000 (UTC)
    >X-Priority: 3
    >X-MSMail-Priority: Normal
    >X-Newsreader: Microsoft Outlook Express 6.00.2800.1437
    >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441
    >Path:
    TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed00.sul.t-online.de!t-onli
    ne.de!fr.ip.ndsoftware.net!border2.nntp.ams.giganews.com!nntp.giganews.com!n
    ewshub2.home.nl!newshub1.home.nl!home.nl!not-for-mail
    >Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windowsxp.work_remotely:11026
    >X-Tomcat-NG: microsoft.public.windowsxp.work_remotely
    >
    >Ok, maybe I dont wanna wreck my computer.
    >
    >Maybe I just wanna find out how to enable/disable things.
    >
    >Currently I have no idea how to do that ?
    >
    >Especially the services stuff...
    >
    >As stated windows 98 doesn' have the mms console so how to proceed ?
    >
    >
    >
    >
Ask a new question

Read More

Connection Computers vpn Windows XP