Major Flaws in Windows Network Caching: by nidgid -[ the Keyboard Kowboy ]- (nidgid@cyberspace.org) 1) This one I found by accident. I always keep Netscape on a remote machine to save a little local space. I keep a shortcut to Netscape on my desktop which of course spawns Netscape from my other peer. I turned on my machine one day and pressed escape instead of logging in on accident.. started up Netscape.. THEN REALIZED I HADN'T LOGGED IN. Don't you see? That's the problem.. Windows isn't supposed to allow me to access the via Network Neighborhood unless I logged in, but for some reason it allows me to view the network this way. With this in mind I logged in, started Network Neighborhood then created a shortcut to my Remote C:. Then restarted Windows, didn't log in, then double-clicked my 'Shortcut to C:' icon on my desktop. It let me right in. Even though it sets it up as read-only unless you log in, it still allows you to copy files from/read the whole system. 2) The other day I was networking a Win95 computer to a Win98 computer via IPX/SPX. I came across a problem that Microsoft badly needs to fix. Once the network is setup, the user defines which directories/files he/she wants to add to his/her list of things to share. Should look like this: Network Neighborhood/Entire Network/Workgroup/Computer-Name/shared files and directories. (or) Network Neighborhood/Computer-Name/shared files and directories Windows allows you to make two kinds of restrictions (a password) on these shared files and directories. 1. A read-only password 2. A full access password You probably wont run into this problem unless you are on a peer-to-peer network using Win9x. The problem is this.. If a sysadmin logs in to one of these directories with the full access password even for just a second, Windows caches it until the system is rebooted or logged out then back in. A system administrator might think if he/she simply closes that folder, it will re-ask for a password if anyone tries to access it again. That is not so. Fix: As a system administrator, it is VITAL to reboot or logout if you have accessed these directories with the full access password if any untrusted person has access to your workstation. 3) Remember the program called Revelation that reads those '*'s that Windows displays in passwords? Well, it's not like this is a big find or anything, but when you have a network then right click on a folder then click 'sharing' it allows you to set up read-only passwords as well as full access passwords (duh).. I started up my Revelation program (http://www.snadboy.com/Revelation.shtml) pointed the little target with a circle to my passwords, and wammo.. it told me my password. I thought Microsoft would have fixed or changed the way they cache their passwords in Win98, but I guess I was wrong.