Re: the case of a stolen notebook
On Wednesday 29 May 2002 11:16 am, Rauno Linnamäe wrote:
> We are running a Debian (potato) box with Samba as PDC for user
> authentication and file server for W2k LAN clients. Recently one of our
> notebooks was stolen. As I can identify all the users who have ever logged
> in via that notebook, and may have their samba password stored on the
> machine, I revoked all these passwords.
> Can any of you think of any other steps I should take to minimise the risk
> of some black-hat abusing the information stored by W2k against our
This is no way to think if you're a security geek, but if you want to make
yourself feel better the person who stole your notebook is a mere theif and
is incapable of using any information other than credit/financial information
that can lead again to more theft.
On the other hand, purge the users' login's make a significant change to the
username converntion since he/she knows what you currently use and can use
this to his/her advantage for later brute force attacks.
He also knows your internal address space information (ie your Internal ip
addresses are now 'public),of course that is a significant network change if
your dealing with several thousand hosts.
"I only drink to make other people interesting"
To UNSUBSCRIBE, email to email@example.com
with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org