Re: disclosure the administrative password

From: Anthony Viaene (admin_at_counterweb.be)
Date: 02/02/05

  • Next message: Jack Me: "Re: disclosure the administrative password"
    Date: Wed, 02 Feb 2005 16:55:48 +0100
    To: cyberpixl <cyberpixl@gmail.com>
    
    

    You could make an new user 'Installer' with limit security rights so
    this user can only install software but nothing else.
    By this way you could limit the damage if someone finds the password.

    Greetz,
    Anthony

    cyberpixl wrote:

    >using remote administration software maybe? ;)
    >
    >
    >On Tue, 1 Feb 2005 14:50:08 +0200, Boris Skoblo
    ><borsk@techunix.technion.ac.il> wrote:
    >
    >
    >>Hi All,
    >>
    >>There is a usual situation: on normal users computers ( W2k and Winxp ) an
    >>administrator should perform an administrative actions
    >>(for example, with help RunAs) thus the administrative password is entered.
    >>Do exist a potential possibility that on the user's computer
    >>there is keylogger.
    >>
    >>What ways to perform administrative operations exist, thus not endangering
    >>disclosure the administrative password? There are some limitations:
    >>
    >>1. usage of smarts-cards and others hardvare devices are not applicable .
    >>
    >>2. performed operations cannot be delegated for various reasons
    >>
    >>3. keylogger is custom designed and any of existing protective software yet
    >>does not find out it
    >>
    >>------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    >>
    >>Regards,
    >>
    >>Boris Skoblo
    >>
    >>---------------------------------------------------------------------------
    >>---------------------------------------------------------------------------
    >>
    >>
    >>
    >>
    >
    >---------------------------------------------------------------------------
    >---------------------------------------------------------------------------
    >
    >
    >
    >.
    >
    >
    >

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------


  • Next message: Jack Me: "Re: disclosure the administrative password"

    Relevant Pages

    • Re: Draft I: Why You Dont Want to Install Software
      ... All these functions should be under the control of the system administrator. ... > idea of contacting your network consultant to install software probably ... > could install software. ... Windows 9x was notoriously unstable and fragile. ...
      (microsoft.public.windows.server.sbs)
    • Re: Draft I: Why You Dont Want to Install Software
      ... that evil IT guy-- the party pooper who runs his network with an iron fist. ... > been made members of the 'local administrator' group. ... >> idea of contacting your network consultant to install software probably ... >> could install software. ...
      (microsoft.public.windows.server.sbs)
    • Re: Users installing software
      ... when I go in as the Administrator and install some software for the user, then the user logs in and A) the software is not there, only installed for the current user when installed. ... Hence my need to allow a user to install software on there local machine. ... > to know what is on each of the work stations and it would be extremely ...
      (microsoft.public.win2000.active_directory)
    • Re: File Permissions / root
      ... > owner of fileit tells me that the owner is root. ... administrator to set it up, otherwise you will get lots of 'Permission denied' errors. ... You can also install software in your home directory as a normal user, ...
      (Ubuntu)
    • Write Access Problems
      ... each of myself, wife and two kids. ... Administrator in order to let us install and run our own ... trying to save a file or when trying to install software. ... If I right click on a folder, ...
      (microsoft.public.windowsxp.security_admin)