On Mon, 25 Sep 2006 14:16:07 BST, c0redump@xxxxxxxxxxxxx said: > How is the user able to get the internet while the network cable is unplugged? Well, assuming the hack actually *works*, once you're logged on as a local admin, you're free to plug the cable back in. (If the *real* issue here is that your profile isn't available, it might get interesting if it happens to show up once you're logged in. But I seem to remember that GPO is only applied at logon, because you have to bounce active users to push a new one. I'm not a windows guy so I may be wrong thought...) > Secondly, it is the proxy server in 99% of cases which restricts which > websites the user can/cannot visit, not the local policies. One might hope that. But there's an awful lot of McSE (you want fries with that) out there that: a) Don't know how to set up a proxy server, but do know how to set a local policy. b) Don't understand the difference between "default deny" and "default allow", and why one leads to whack-a-mole website hunting....
Attachment:
pgp9TPHXK5fuE.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/