2
If I take my laptop to work, and join their network, will that mean the administrator has access to my computer as an admin?
This is windows 7 laptop.
I also have a mac laptop, which I can run windows in a VM, that might make it safer correct? Assuming that the VM client can't access the VM parent somehow?
user27449
Posted 2010-06-01T23:48:10.370
Reputation: 5 104
8
As long as you don't join the Active Directory domain, then anyone, including network administrators, are subject to the same security rules, firewalls, and restrictions that anyone else is. If you're worried about them snooping around, then make sure to mark the network as a 'Public' network when you connect and not a 'Work' or 'Home' network - this will set the Windows Firewall in it's most restrictive mode. Also, make sure your file sharing requires a password if it's enabled, and this is good security practice whether you are at home, at a coffee shop, or at work.
The only reason the network admins have access to work computers is because they have been joined to the AD domain, which tells Windows to authenticate against the AD server instead of the local users on that system. As long as the admin doesn't come around and sit down at your computer locally or otherwise already have administrator access, he or she cannot add it to the AD domain.
You might want to check with your corporate security policy also, as some companies forbid bringing in flash drives or computers which they can't control or don't have antivirus for security purposes - They don't want a virus getting in and compromising their network.
Darth Android
Posted 2010-06-01T23:48:10.370
Reputation: 35 133
1
On most windows 7 setups, the USERS$ folder is shared by default, so, in theory, the admin may have access to your Documents folder. If you have a password it should stop this, but to check what else is being shared right click on computer, go to manage, then system tools and shared folders. Finally click on Shares. This will show you all the shared folders on the computer.
tombull89
Posted 2010-06-01T23:48:10.370
Reputation: 6 533
0
If you plug the laptop into the network the system administrators will not magically have access to your laptop unless you have a default password set.
If you "join" their network, as in an Active Directory domain, yes they will have access to your computer. That is one of the points of joining computers to a domain.
ta.speot.is
Posted 2010-06-01T23:48:10.370
Reputation: 13 727
There is no default password for windows..... – Unfundednut – 2010-06-02T04:13:08.740
I meant something that could be dictionary attacked, "password", "Password", "abc" – ta.speot.is – 2010-06-02T05:19:42.027
Aside from admin access on the computer itself, remember that they'll have the ability to see any network traffic into or out of your machine whether it's from a VM or not. Your protection against this is to connect via VPN to another network (home or 3rd party provider) or use https sites whereever possible. – Doug Harris – 2010-06-02T17:12:20.480
Watch out for any applications you have to download like Cisco Clean Access or whatever it's called. They can scan for updates, but also could do whatever (since they are an executable on your system). – Daisetsu – 2010-06-03T00:50:44.810