From: "Geo" 

What is already the case? I suggested that when a firewall rule change is
detected that the firewall software verify that the change is authorized by
asking the user for a password before allowing the change to go into
effect.

Geo.

"Paul Ranson"  wrote in message
news:43294b61$1{at}w3.nls.net...
> If you're running as a 'USER' then surely that is already the case? If
> you're running as administrator then you've already authenticated yourself
> to the machine.
>
> Paul
>
> "Geo"  wrote in message
news:4328dbce$3{at}w3.nls.net...
> > Why MS? Do the transaction with the USER. Maybe require them to type in
> > their password to make a firewall change and have the password encrypted
> > via
> > a one way hash.
> >
> > Geo.
> >
> > "Paul Ranson"  wrote in message
> > news:4328b6fa$1{at}w3.nls.net...
> >> That's an interesting idea. Do an encrypted transaction with MS to
enable
> > a
> >> firewall configuration change. That would be more secure...
> >>
> >> Paul
> >>
> >>
> >> "Geo."  wrote in message
news:432858e3$1{at}w3.nls.net...
> >> > Gee you make it sound so easy, if the admin owns the machine then
> >> > activation
> >> > is doomed to failure. Or is there some point to this
"more tedious"?
> >> >
> >> > I guess the users' firewall doesn't need to be as secure
as the copy
> >> > protection, huh?
> >> >
> >> > Geo.
> >>
> >>
> >
> >
>
>

--- BBBS/NT v4.01 Flag-5