COMMAND

	ProxyView default undocumented password

SYSTEMS AFFECTED

	ProxyView ?

PROBLEM

	Michael Brown [michaelb@opentext.com] reports :
	
	--snip--
	
	The software running on the ProxyView maintains a user database for  its
	client connections.  This  database  is  completely  separate  from  the
	Windows NT user database. The ProxyView administrator  default  password
	is 'PVremote'. The documentation advises you  to  change  this  password
	quickly. This is NOT the problem.
	
	The Administrator account for Embedded Windows NT on the  ProxyView  has
	the default password of "Administrator". Anybody  with  access  to  port
	139 (Hmmm... people on the LAN) can  login  as  Administrator  and  have
	full control over  the  box  and  consequently  console  access  to  the
	machines the ProxyView is  a  front  end  for.  These  details  are  not
	mentioned anywhere in the documentation.
	
	--snap--

SOLUTION

	No official patch yet, check : [http://www.replicom.com/]
	
	 Workaround
	 ==========
	
	1) Generate a new password. :)
	
	2) Using whatever remote registry tool you like  (regedit),  connect  to
	the
	   ProxyView and change the contents of the key:
	
	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
	
	   to the new password you generated in step 1.
	
	3) Using whatever remote user tool you like  (usrmgr),  connect  to  the
	ProxyView
	   and change the Administrator password.
	
	WARNING: If the 'autologon' password and the Administrator password  are
	out of sync, the ProxyView will *not* function after a reboot.  You  can
	still access the unit via NetBIOS to fix the  problem  though.  Provided
	you haven't lost the password, so keep it safe! :)