Re: privileged IDs and non-privileged IDs

From:
Date: 07/10/02 

Date: Wed, 10 Jul 2002 22:42:34 +0800

thanks for all your advice. i do use sudo for admin task and the like,
and create IDs for operational personnel to let them handle more routine
task like creating users. i have also heard of role-based IDs...

but maybe i explain more a bit to make myself clearer.. actually this
does not just apply to unix. my company now is very ``interested'' in
security, and thus, wants us to differentiate IDs or usernames for admin
purpose and non-admin (general use) purpose, and all admin operations
must be audit-trailed.

Our mgt wants us to use personalised privileged IDs (not root or
administrator or sa or adm, etc) to admin servers. our non-privileged
IDs will only be for everyday normal use, and that's it... so, to login
to a NT, or unix, or Lotus notes, or any application system for normal
use, we use our normal everyday ID with absolutely no admin powers, just
like any users.. To administrator the OS, or whatever application
system, we should use our privileged user ID for that system. and my mgt
asked a question i can't and don't know how to answer: "what is the
industry convention for creating a privileged ID?" Eg, if administrator
john smith's normal ID is "jsmith", then should his privileged ID be
"smithj"? i am now in a fix... i mean, it can be any convention that we
decide to adopt as long as it is different from his normal ID and not
prominent to attract attention.. but my mgt wants the industry
convention/practice...i can't manage to convince them to use "smithj"..

sorry if this is out of topic... but i needed some help.. hope you guys
can advise me. thanks a million.

MC

Clark Zahn wrote:
> noname wrote:
>
>>hi all,
>>
>>I wonder if it is a popular and good practice to create separate IDs for
>>different purposes? More specifically, if I am a system administrator of
>>a system, do I create 2 IDs for myself: One is for normal
>>(non-privileged) use, the other to administer the system? (The root or
>>superuser ID is not to be used as far as possible.)
>>
>>
>>
>
> In the past I have created special ID's in order to hand off certain
> tasks, webserver/webpage maintenance for example.
>
>

Relevant Pages

  • RE: How to choose an IDS/FW MSS provider
    ... Andrew, I can't completely agree with you. ... their IDS - may be this is the reason for thinking that great amount FPs is ... to admin to do something or not. ... Thus my point - while seeing the details of a signature is fascinating ...
    (Focus-IDS)
  • RE: Current state of Anomaly-based Intrusion Detection
    ... > traffic is, in essence, an anomaly detection system. ... "learned" by the IDS itself. ... things that the admin didn't expect. ... The "unknown" part is detected by most ...
    (Focus-IDS)
  • Re: Intrusion Detection Systems
    ... so at the very minimum it "costs" the installation labour. ... > read of IDS systems indicate that *every* IDS suffers from false ... I have also commented on the level of system admin skills. ... > what it is monitoring for is A) the possibility that the firewall has ...
    (comp.security.misc)
  • RE: Concurrent Admin Login Limits
    ... How do you force the ids off at specific times? ... > This does does not apply to Admin, but you can force ids off at specific ... but not after n minutes of inactivity. ... >> any other user for that matter) can be logged into the server concurrently? ...
    (microsoft.public.windows.server.sbs)
  • Re: Port 109 Mystery
    ... Thanks to all who wrote to me off list - I've provided the administrator ... The consensus seems to be that ... Lose another weekend managing your IDS? ...
    (Incidents)