Re: Removing Local Admin Rights...
From: Barrie Dempster (barrie_at_reboot-robot.net)
Date: 05/27/04
- Previous message: Nick Duda: "RE: IDS"
- In reply to: KEN MORRIS: "RE: Removing Local Admin Rights..."
- Next in thread: Tom Stowell: "Re: Removing Local Admin Rights..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 27 May 2004 13:41:44 +0100 To: KEN MORRIS <KMORRIS@kpl.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
KEN MORRIS wrote:
| Jay,
| First thing I would do would be to check to see if there is any non-M$
| programs installed that are needed in the organization. IF there are,
| thoroughly test those programs under both O/S before removing local admin
| rights.
| Some software will run only under local admin user accounts. I have tried
| here and found that in certain programs there is no work around other than
| local admin to allow users to run the software. Even setting them as power
| users does not work.
| Regards,
| Ken
Ken,
Generally the local admin rights requirements on machines with 3rd party
software is fixable by just changing permissions on files and
keys/values in the registry, I can't think of a single instance where
this wouldn't work and I've yet to find a program I couldn't setup for
an ordinary user to run.
I find the best thing to do is run filemon and regmon on the suspect
program and check what its accessing and then give the user permission
to these keys (don't give write where only read is needed though). Quite
often you will find that the software vendors are willing to give you
the info on these keys and values themselves to save you the trouble of
researching it.
If you need more help on this let me know.
- --
Barrie Dempster
[ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]
<spam type="places I think you should go">
Do something good http://www.lp2p.org
Open Source Vulnerability Database http://www.osvdb.org
</spam>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFAteIHsYtTQpYCX9ARAtVHAJ0QFpnY7R2QT5ZxWEUQUq+WHE6jNgCfc1SQ
JUryNnnAmIQ+l5XD91tktU4=
=6Rd1
-----END PGP SIGNATURE-----
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
- Previous message: Nick Duda: "RE: IDS"
- In reply to: KEN MORRIS: "RE: Removing Local Admin Rights..."
- Next in thread: Tom Stowell: "Re: Removing Local Admin Rights..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
