Re: Surfing Web as Admin bad idea?

From: Bryan Nyce (bryan_nyce@hotmail.com)
Date: 06/20/02


From: "Bryan Nyce" <bryan_nyce@hotmail.com>
Date: Wed, 19 Jun 2002 15:37:04 -0700


"Mike" <asdf@asdf.com> wrote in message
news:1089f01c217dc$2e2f2200$39ef2ecf@TKMSFTNGXA08...
> OK,
>
> I saw somewhere that surfing the web while logged on as
> admin was a bad idea? I run sw / hw firewalls and the
> like and not really worried about security intrusions, but
> what gives with this theory?

I typically create 2 accounts for myself - one admin, one regular user. User
the regular user for day to day activities (email, web etc..) and only use
the admin account for Admin tasks.

This is because if I happen to be logged on as admin, and execute a virus
(email, through the web, etc) it will run with admin rights, which could be
much more devastating.

Basically, it's a security risk to do day-to-day tasks with an admin
account.

Bryan Nyce



Relevant Pages

  • Re: enable "runas" under account, without log into workstations ?
    ... > regular user with some permissions mods to program files folder, ... > help with tracking down permissions problems if you logon as regular user ... item 1 states that you create the account as an admin. ...
    (microsoft.public.windows.server.networking)
  • Re: Incoming E-Mail - cant create contact in OU
    ... central admin pool different than the web app. ... that account a little (if the web app is compromised or something, ... So I started with giving the app pool account domain admins permissions then ...
    (microsoft.public.sharepoint.windowsservices)
  • RE: [Full-disclosure] Flaw in Microsoft Domain Account Caching Allows Local Workstation Admins t
    ... Flaw in Microsoft Domain Account Caching Allows ... Local Workstation Admins to Temporarily Escalate Privileges and Login as ... Cached Domain Admin Accounts ... administrator" is a "bigger" administrator than the local administrator. ...
    (Bugtraq)
  • Re: [Full-disclosure] Flaw in Microsoft Domain Account Caching Allows Local Workstation Admins t
    ... Flaw in Microsoft Domain Account Caching Allows ... Local Workstation Admins to Temporarily Escalate Privileges and Login as ... Cached Domain Admin Accounts ... administrator" is a "bigger" administrator than the local administrator. ...
    (Full-Disclosure)
  • Re: Security Breach in AD! Help!
    ... > about 5 minutes the user was removed from the built in admin group. ... > changed the default domain policy, the default domain controller policy, ... >> auditing of account logon for success and failure and account management ... >> success and failure in Domain Controller Security Policy. ...
    (microsoft.public.win2000.security)