Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hacked through Server versions group policy?


  • Please log in to reply
5 replies to this topic

#1 bwrighttwo

bwrighttwo

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:58 AM

Posted 04 October 2012 - 08:54 PM

What are the chances of getting hacked/compromised through server versions (2003/2008) group policy settings. sorry if I am wrong about the names but I think someone may know what I mean. Thanks

Edited by Andrew, 05 October 2012 - 01:56 AM.
Mod Edit: Moved from Win7 To Win 200X - AA


BC AdBot (Login to Remove)

 


#2 Phoenix102

Phoenix102

  • Members
  • 123 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:East Coast of Florida
  • Local time:03:58 AM

Posted 05 October 2012 - 04:57 PM

I'm not sure what you mean. I have never heard of someone being hacked through GPO. Can the workstation be controlled by the domain controller group policies to do or not do what ever the system admin wants? Yes, that is the point of GPO. Controlling the network workstations with out having to touch a keyboard on each one to enforce policies the users will abide by. It is used mainly for domain security but there are many settings that can be controlled. I have never seen malware written for GPO distribution.

#3 bwrighttwo

bwrighttwo
  • Topic Starter

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:58 AM

Posted 05 October 2012 - 08:02 PM

I think that I was compromised by malware prior but someone had enough time to configure my machine and networks to take control after the initial hack. Is this possible?

#4 Phoenix102

Phoenix102

  • Members
  • 123 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:East Coast of Florida
  • Local time:03:58 AM

Posted 06 October 2012 - 10:46 AM

This is just my opinion but I guess under the right set of circumstances you could have a backdoor and a keylogger. Typical malware is written for mass distribution, get it on as many PC as possible. To get on your network and edit the GPO... this takes time and most users don't know that group policies exist and can be edited. I would suspect someone that wanted to personally do your network or company harm.

#5 bwrighttwo

bwrighttwo
  • Topic Starter

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:58 AM

Posted 06 October 2012 - 07:52 PM

:thumbup2: Long story. I am in the process of composing "mOle" (Site tech that has been helping me) my testimony. I will forward it to you if you want.

Edited by bwrighttwo, 06 October 2012 - 08:04 PM.


#6 Phoenix102

Phoenix102

  • Members
  • 123 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:East Coast of Florida
  • Local time:03:58 AM

Posted 06 October 2012 - 11:01 PM

I'd like to see it.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users