i work in the IT dept at a printing company. my assistant, the ever-curious one, loaded up advanced IP scanner, right clicked on my machine and chose 'remote shutdown'.
suddenly i got a message that machine would be shutting off in 60 seconds. he is not a user on my machine, and shouldn't have this permission. i am not running radmin. i am awestruck that anyone in the building could load up this program and shut my computer off on me. what kind of sysadmin would i be if that started happening?
how does this work, how can it be stopped?
i am running w2kpro_sp3 and so is he. i can provide more detailed information if needed (such as specific user and domain information, etc).
For all other people who are interested - Advanced IP Scanner uses standard Windows function called "InitiateSystemShutdown". If your computer can be shutdowned with it, it means that your system security is not configured. Please, refer to Windows manual on security configurations details.
Best regards, Gregor Petrov, Famatech Support Team
I don't suppose you could expand on what security setting isn't correct to allow this to happen? I have come across the same problem as Mark and would like to secure atleast the more critical network mahcines againist this.
Nevermind, I found what I was looking for, but for anyone else heading into this, locally you need to set under Local security policy (admin tools) look for force shutdown from network (sry, can't be specific, at home now) you should set this to be administrators only
However, the main problem will be for those on domains, you need to set the same policy you did in local security policy in your group policy (probably for entire domain, but thats up to you) so that only users you want to be able to remote shutdown can do this, e.g. domain admins
Users browsing this topic
Number of guests: 1,
registered members: 0,
in total hidden: