Security considerations when updating settings from a remote system
Sooner or later, any OPC expert will need to acquire some understanding of Windows security, and in particular the Distributed COM Configuration tool (DCOMCNFG) which defines the security model for COM applications used remotely.
When a COM server is run remotely, the default behavior is for the server to run as the 'interactive user', i.e. This explains why using the same login on each PC can be such an effective technique.
© Crown copyright 2015 This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated.
To view this licence, visit uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: [email protected]
Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.
This publication is available at https://uk/government/publications/end-user-devices-security-guidance-windows-phone-81-update-2/end-user-devices-security-guidance-windows-phone-81-update-2 The End User Devices Security and Configuration Guidance is for Risk Owners and Administrators to understand the risks, security advantages and recommended configuration of Windows Phone 8.1 Update 2 within a remote working environment at the OFFICIAL and OFFICIAL SENSITIVE classification.
However, with certain highly secured networks, some configuration may be necessary.
However, it has some obvious drawbacks, not least the need to have a particular user logged in on the server computer.
In practice, the best approach is usually to create an account on the server computer specifically for the purpose of running the OPC server - the username for the account might be 'opc'.
You couldn’t know this beforehand , but the local bar owner didn’t secure his Wi-fi.
This allowed a malicious hacker to breach the wireless network’s security and collect the data from all the people in the bar, including yourself. If he wanted to, Slotboom could now completely ruin the lives of the people connected: He can retrieve their passwords, steal their identity, and plunder their bank accounts.