集成的Windows身份验证和从XP克隆用户
[英]Integrated windows authentication and cloning users from xp
问题描述
I have a security question about integrated windows authentication. 
我有一个有关集成Windows身份验证的安全性问题。
Let say we are using .net remoting hosted in iis. 假设我们使用的是iis中托管的.net远程处理。 The system uses integrated windows authentication. 系统使用集成的Windows身份验证。
What if some client manages to clone the OS to other PC or just clone the user to other PC. 如果某些客户端设法将操作系统克隆到另一台PC或仅将用户克隆到另一台PC,该怎么办。 (Other PC whit the same username and same password hash) (其他PC使用相同的用户名和相同的密码哈希)
Then also the other PC can access the server resources pretending that it is someone else and make some bad thinks. 然后,另一台PC也可以假装它是别人来访问服务器资源,并做出一些不好的想法。
Is this possible? 这可能吗? Cloning the same user to other PC is a peace of cake. 将同一用户克隆到其他PC可以轻松了。 The user that is using the client can find several ways to to this. 使用客户端的用户可以找到几种解决方法。
How can I prevent this scenario? 如何防止这种情况?
1 个解决方案
解决方案1
0 2010-03-09 12:59:32
After cloning you would also need an active session with the user being logged on. 克隆后,您还需要与登录用户进行活动会话。 This only works if 仅当
- The user was logged on to the original PC and the PC was hibernated, and 用户已登录到原始PC,并且PC处于休眠状态,并且
- If Windows has been configured not to ask for credentials when resuming a hibernated session. 如果Windows已配置为在恢复休眠会话时不要求提供凭据。
So basically attackers can use that to impersonate as someone else only if they have physical access to the machine and if the system is not configured in a secure way. 因此,基本上,攻击者只有在对计算机具有物理访问权限且未以安全方式配置系统的情况下,才可以使用该方法来假冒他人。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.