[ale] cygwin security concerns under Windows?

Greg Freemyer greg.freemyer at gmail.com
Thu Aug 7 15:34:04 EDT 2008 

If you have samba installed try this from your box.

net -S <server_ip> -U <administrator> rpc service list

For more choices leave off the word list.

ie. talking to a Windows 2000 server we have here

> net -S 10.0.1.45 -U administrator rpc service
net rpc service list               View configured Win32 services
net rpc service start <service>    Start a service
net rpc service stop <service>     Stop a service
net rpc service pause <service>    Pause a service
net rpc service resume <service>   Resume a paused service
net rpc service status <service>   View the current status of a service

I don't know how to feed in the password from a script, but you need
something to work on.  (it may be trivial using a here doc.

>From windows the above should also work I think, or you can also use
"sc" from the windows resource kit (I think).

Greg


2008/8/7 Jeff Lightner <jlightner at water.com>:
> We're considering installing cygwin to run sshd on one of our Windows
> production servers.
>
> My co-worker seems to hate Cygwin for some reason so is throwing up
> objections that aren't articulated very well.   Is there in fact any reason
> that Cygwin sshd on Windows 2000 or 2003 would be more insecure than sshd on
> a UNIX/Linux server?  Is Cygwin itself insecure?
>
> Alternatively is there another way to achieve our purpose?  Our purpose to
> kick off a cron script on one (Unix) server that would stop the Windows
> server applications, UNIX server applications and separate UNIX server
> database then restart them in reverse order.   My Windows admin couldn't
> think of any tool I could interface natively with on Windows that would
> allow a remote machine (even Windows) connect and do such service stop in an
> automated fashion.
>
>
>
> ----------------------------------
> CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential
> information and is for the sole use of the intended recipient(s). If you are
> not the intended recipient, any disclosure, copying, distribution, or use of
> the contents of this information is prohibited and may be unlawful. If you
> have received this electronic transmission in error, please reply
> immediately to the sender that you have received the message in error, and
> delete it. Thank you.
> ----------------------------------
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>
>



-- 
Greg Freemyer
Litigation Triage Solutions Specialist
http://www.linkedin.com/in/gregfreemyer
First 99 Days Litigation White Paper -
http://www.norcrossgroup.com/forms/whitepapers/99%20Days%20whitepaper.pdf

The Norcross Group
The Intersection of Evidence & Technology
http://www.norcrossgroup.com

More information about the Ale mailing list