Re: the case of a stolen notebook
On Wednesday 29 May 2002 11:16 am, Rauno Linnamäe wrote:
> Hello,
>
> We are running a Debian (potato) box with Samba as PDC for user
> authentication and file server for W2k LAN clients. Recently one of our
> notebooks was stolen. As I can identify all the users who have ever logged
> in via that notebook, and may have their samba password stored on the
> machine, I revoked all these passwords.
>
> Can any of you think of any other steps I should take to minimise the risk
> of some black-hat abusing the information stored by W2k against our
> server/network?
This is no way to think if you're a security geek, but if you want to make
yourself feel better the person who stole your notebook is a mere theif and
is incapable of using any information other than credit/financial information
that can lead again to more theft.
On the other hand, purge the users' login's make a significant change to the
username converntion since he/she knows what you currently use and can use
this to his/her advantage for later brute force attacks.
He also knows your internal address space information (ie your Internal ip
addresses are now 'public),of course that is a significant network change if
your dealing with several thousand hosts.
>
> Regards,
>
> Rauno
--
-----------------------
Orlando Padilla
xbud@g0thead.com
"I only drink to make other people interesting"
www.g0thead.com/xbud.asc
-----------------------
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: