Activity: Identifying Authentication Risks in a Heterogeneous Network Environment

You've been hired by an organization to evaluate authentication risks in their network. For each scenario described in this activity, identify any authentication risks and describe what you could do to decrease these risks. Answers to these scenarios can be found in the appendix.

1. A Macintosh client computer connects to a Windows 2000 server running File Services for Macintosh using System 7 File Sharing to access graphic files stored on the Windows 2000 server.
   
   
   
2. A UNIX client uses Samba version 2.0.5 to connect to SMB file resources on a Windows 2000 server.
   
   
   
3. A UNIX user implements Telnet to run batch processes on a Windows 2000 server.
   
   
   
4. A NetWare client connects to a Windows 2000 server running FPNW for accessing accounting files.
   
   
   
5. A NetWare 3.12 user uses a server named RED312 as her preferred NetWare server. Due to changes in her job function, she must now access budget reports stored on a Windows 2000 server running FPNW. To reduce the number of credentials entered during authentication, the user has modified her NetWare login script to attach to the FPNW server.
   
   
   
6. A UNIX client retrieves data from a Windows 2000 FTP server. An IPSec security association protects all data that's transmitted between the FTP client and the FTP server using IPSec Authentication Headers (AH).
   
   
   
7. A UNIX client retrieves data from a Windows 2000 FTP server. An IPSec security association protects all data that's transmitted between the FTP client and the FTP server using IPSec Encapsulating Security Payloads (ESPs).
   
   
   

Answers