[ale] cygwin security concerns under Windows?

Jeff Lightner jlightner at water.com
Thu Aug 7 16:23:37 EDT 2008


Maybe one could use "expect" if it prompts for password.  Haven't used
Samba this way before.

-----Original Message-----
From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Greg
Freemyer
Sent: Thursday, August 07, 2008 3:34 PM
To: ale at ale.org
Subject: Re: [ale] cygwin security concerns under Windows?

If you have samba installed try this from your box.

net -S <server_ip> -U <administrator> rpc service list

For more choices leave off the word list.

ie. talking to a Windows 2000 server we have here

> net -S 10.0.1.45 -U administrator rpc service
net rpc service list               View configured Win32 services
net rpc service start <service>    Start a service
net rpc service stop <service>     Stop a service
net rpc service pause <service>    Pause a service
net rpc service resume <service>   Resume a paused service
net rpc service status <service>   View the current status of a service

I don't know how to feed in the password from a script, but you need
something to work on.  (it may be trivial using a here doc.

>From windows the above should also work I think, or you can also use
"sc" from the windows resource kit (I think).

Greg


2008/8/7 Jeff Lightner <jlightner at water.com>:
> We're considering installing cygwin to run sshd on one of our Windows
> production servers.
>
> My co-worker seems to hate Cygwin for some reason so is throwing up
> objections that aren't articulated very well.   Is there in fact any
reason
> that Cygwin sshd on Windows 2000 or 2003 would be more insecure than
sshd on
> a UNIX/Linux server?  Is Cygwin itself insecure?
>
> Alternatively is there another way to achieve our purpose?  Our
purpose to
> kick off a cron script on one (Unix) server that would stop the
Windows
> server applications, UNIX server applications and separate UNIX server
> database then restart them in reverse order.   My Windows admin
couldn't
> think of any tool I could interface natively with on Windows that
would
> allow a remote machine (even Windows) connect and do such service stop
in an
> automated fashion.
>
>
>
> ----------------------------------
> CONFIDENTIALITY NOTICE: This e-mail may contain privileged or
confidential
> information and is for the sole use of the intended recipient(s). If
you are
> not the intended recipient, any disclosure, copying, distribution, or
use of
> the contents of this information is prohibited and may be unlawful. If
you
> have received this electronic transmission in error, please reply
> immediately to the sender that you have received the message in error,
and
> delete it. Thank you.
> ----------------------------------
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>
>



-- 
Greg Freemyer
Litigation Triage Solutions Specialist
http://www.linkedin.com/in/gregfreemyer
First 99 Days Litigation White Paper -
http://www.norcrossgroup.com/forms/whitepapers/99%20Days%20whitepaper.pd
f

The Norcross Group
The Intersection of Evidence & Technology
http://www.norcrossgroup.com
_______________________________________________
Ale mailing list
Ale at ale.org
http://mail.ale.org/mailman/listinfo/ale
----------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------



More information about the Ale mailing list