Re: disclosure the administrative password

From: cyberpixl (cyberpixl_at_gmail.com)
Date: 02/02/05

  • Next message: Andrew Rice: "Re: disclosure the administrative password" 
    Date: Wed, 2 Feb 2005 11:47:59 +0100
To: Boris Skoblo <borsk@techunix.technion.ac.il>

    using remote administration software maybe? ;)

    On Tue, 1 Feb 2005 14:50:08 +0200, Boris Skoblo
    <borsk@techunix.technion.ac.il> wrote:
    > Hi All,
    >
    > There is a usual situation: on normal users computers ( W2k and Winxp ) an
    > administrator should perform an administrative actions
    > (for example, with help RunAs) thus the administrative password is entered.
    > Do exist a potential possibility that on the user's computer
    > there is keylogger.
    >
    > What ways to perform administrative operations exist, thus not endangering
    > disclosure the administrative password? There are some limitations:
    >
    > 1. usage of smarts-cards and others hardvare devices are not applicable .
    >
    > 2. performed operations cannot be delegated for various reasons
    >
    > 3. keylogger is custom designed and any of existing protective software yet
    > does not find out it
    >
    > ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    >
    > Regards,
    >
    > Boris Skoblo
    >
    > ---------------------------------------------------------------------------
    > ---------------------------------------------------------------------------
    >
    >

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

  • Next message: Andrew Rice: "Re: disclosure the administrative password"