PHWinfo - Afficher un message

15/02/2007, 13h24

Thank you for the reply!

> I think you are thinking of a Master Browser role. There is no way
> that machine can become a PDC, BDC or other member of a domain without
> proper authentication.

No, I was thinking about PDC. What I want is a way to be sure that
nobody else will "fake" any user on my network and possibly do bad
things - take their passwords, DoS or whatever else that is possible
when one has the admin access to the PDC. I want to make sure that the
machine I put in the PDC role is really the only machine that has this
role and that noone can replace it with another machine that can
become a PDC on my domain. What would happen if the power failure
occurs, all machines go down, power comes back and all machines,
together with the machine that tries to become the PDC, comes up
first. As far as I could read from the link you gave, the domain
master browser would be set to that "hacker" computer, because it will
be online the longest time. From the middle of the text behind the
link you gave: "Beyond that the election is based on the computer that
is running the longest, then alphabetic order by computer name.". Is
the same situation with PDC? How is PDC determined? If this is the
case, then any power or network failure is a potential security hole.
I am interested in security, not in being able to browse. I need a way
to disallow some users to do something, so if I cannot be sure that my
server is PDC, then this is not possible (or am I wrong about
that?)...

> For more info about netbios browsing, browser wars, and prolly more
> than you want to know on the subject:
>
> http://www.comptechdoc.org/os/window...snfinding.html

I couldn't find anything here about PDCs, do you have any other link
that might answer the previous question?

Thanks again!

15/02/2007, 13h24	#3
dt Messages: n/a Hébergeur:	Re: PDC & hackers Thank you for the reply! > I think you are thinking of a Master Browser role. There is no way > that machine can become a PDC, BDC or other member of a domain without > proper authentication. No, I was thinking about PDC. What I want is a way to be sure that nobody else will "fake" any user on my network and possibly do bad things - take their passwords, DoS or whatever else that is possible when one has the admin access to the PDC. I want to make sure that the machine I put in the PDC role is really the only machine that has this role and that noone can replace it with another machine that can become a PDC on my domain. What would happen if the power failure occurs, all machines go down, power comes back and all machines, together with the machine that tries to become the PDC, comes up first. As far as I could read from the link you gave, the domain master browser would be set to that "hacker" computer, because it will be online the longest time. From the middle of the text behind the link you gave: "Beyond that the election is based on the computer that is running the longest, then alphabetic order by computer name.". Is the same situation with PDC? How is PDC determined? If this is the case, then any power or network failure is a potential security hole. I am interested in security, not in being able to browse. I need a way to disallow some users to do something, so if I cannot be sure that my server is PDC, then this is not possible (or am I wrong about that?)... > For more info about netbios browsing, browser wars, and prolly more > than you want to know on the subject: > > http://www.comptechdoc.org/os/window...snfinding.html I couldn't find anything here about PDCs, do you have any other link that might answer the previous question? Thanks again!