Got this from me101 who didn't have time to post, fortunately I do ;)
The problems listed below apply to Windows XP Professional in a workgroup. For more details and further information, click the link below.
1. Problem with account locking due to fast user switching
Fast user switching is a new Windows XP feature, which allows simultaneous logging on of more than one user. It is based on Terminal Services technology and runs unique user sessions that enable each user's data to be entirely separated. Fast User Switching is enabled by default on a stand-alone or workgroup-connected computer. It is not available in domains.
2. Problem with reset password disk
Windows XP introduced a new feature, "Password Reset Disk", which can be used to recover a user account and personalized computer settings if a user forgets his password.
The problem is that under certain conditions (Minimum password age <> 0) a user may not be able to reset his password using the above-mentioned disk, and the only solution is the reset password feature available to the Administrator. First, make sure the "Minimum password age" policy is set to a value other than zero. Now, supposing the user forgets his password before its age expires, he will not be able to reset it with the disk until the password expires.
3. Remote Desktop sends recently used username in plaintext
The Remote Desktop client remembers the account name that has been used recently to establish an RD session with another machine. When sniffing the network, it was discovered that the RD client sent the login to the other computer in plain text. It was further clarified that what was actually sent is not a user account name on the destination machine, but the username that has been used recently to log on with the RD client.
However, assuming that the logon is made to the same computer as recently, the RD client sends in clear text a user account name present on the destination computer. In some cases, this can pose a big security risk. For example, if the RD client is used by users connecting to a terminal server, the attacker can sniff all the TS user accounts.
News source: Beyond-Security's SecuriTeam.com
The news of Playboy's entry into the wireless market is significant if only because Playboy is a well-known brand that could attract plenty of customers, which could pose moral and ethical questions for U.S.-based carriers and even for end-user enterprises, said Alan Reiter, an analyst at Wireless Internet and Mobile Computing in Chevy Chase, Md.
"The carriers are concentrating on rolling out expensive next-generation networks and they need money and applications and customers, so it's going to be a difficult decision to build a wall against services they don't like if they generate a significant amount of money," he said.
Playboy's subscription Internet service, Playboy Cyber Club, was started in August 1997 and last week passed the 100,000 subscriber mark, said spokeswoman Laura Sigman. The free Playboy.com site receives 3.2 million unique views each month, she said.
Reiter said there are already several sites that offer downloads of explicit sexual content to handheld devices, including some over wireless connections. In addition, London-based British Telecommunications PLC offers wireless downloads of such content in Germany, and Hutchison 3G in Hong Kong is exploring such a service, he said. Most of the content is relatively low-resolution black-and-white images, Reiter said.
But faster networks and larger color personal digital assistant screens are on the way, posing a greater dilemma for carriers and enterprise customers, Reiter said. A U.S. carrier could conceivably offer such a service by mid-2002, he said.
"Porn could be an expensive problem for a corporation if a wirelessly enabled field or sales force is able to download megabytes of graphics onto their phones or laptops and the monthly carrier bill increases dramatically," Reiter said. What's more, "no corporation is going to want any of their customers to see an employee looking at porn over their shoulder."
Reiter held a well-attended panel discussion on the question of vice on wireless devices at the Cellular Telecommunications & Internet Association (CTIA) conference in Las Vegas last March. He challenged carriers to consider questions about passing along explicit content to phones that children can easily access, especially since past attempts to self-regulate vice on the wired Internet fell short several years ago and led to stepped-up action by the Federal Trade Commission and hearings in Congress.
An attorney at that event, Lynn Charytan at Washington-based Wilmer, Cutler & Pickering, said carriers already have the right under federal law to restrict what materials reach their subscribers.
CTIA spokesman Travis Larson said U.S. wireless carriers haven't convened formal discussions at CTIA on passing along porn to subscribers. Still, "carriers are very sensitive to the types of information they make available and looking at this very carefully to see it doesn't fall into younger hands."
Sprint PCS Group in Kansas City, Mo., doesn't prevent a customer from typing in a Web address to access a site on an Internet-capable phone, assuming the site makes its content available to a wireless handheld, said spokeswoman Suzanne Lammers. So far, Sprint also doesn't have agreements with gambling or other vice sites to appear on the "home deck" (a handheld's home page) of a Sprint phone with a wireless browser. "Would such a thing ever be on our home deck? That's a different question that hasn't been answered," she said.
Playboy insignias and other animations will first appear in Belgium, the Netherlands, Sweden, Finland, Norway, Denmark, Italy, the Czech Republic, the U.K. and Spain, Playboy's Sigman said. "We are looking for someone as soon as possible to do it in the U.S., but the technology and infrastructure in Europe lends itself to starting there first," she said. Mainly, Europeans rely on the Global System for Mobile standard, while the U.S. has several standards through several major carriers.
Playboy hasn't heard any objections to providing its content wirelessly, she said. At least initially, images will appear mostly on "itty-bitty screens and include the rabbit insignia, which is not objectionable to anybody really," Sigman said. Subscribers to the service will also be able to have their voice mail personalized with the voice of a Playmate of the Month, Sigman said.
