Re: Why Bother with Restricted Accounts?

From: JW (JustPostYourReply_at_ToTheNewsGroup.pls)
Date: 07/23/04 

Date: Fri, 23 Jul 2004 12:29:10 -0500

It's true what you said that if a hacker or trojan got past your firewall
and anti-virus, it could do far more damage if you were running as
Administrator. So the question becomes "Can a hacker or trojan ever get
past your firewall and anti-virus program ?" Then answer is not only yes,
but there are documented cases of all of the following: (a) Trojans
downloaded from web sites the user visits opening up back doors for hackers
and malware to either destroy systems or secretly harvest userID/passwords
and credit card or bank account numbers; and (b) worms and viruses that
disable, hijack, or completely shut down vulnerable software firewalls and
anti-virus programs. My philosophy is why toy with the risk ?

While I respect Jerry's opinions and do not disbelieve his unique personal
experience, my personal experience is different, along with hundreds of
people who have come to this newsgroup in the past, suffering from the same
consequences of a false sense of security. Although I am no expert when it
comes to all the tweaks and tricks it takes to make Administrator a
perfectly hacker-proof, Trojan-proof, and safe-from-myself-proof, I can
definitely tell you and have documentation in my Event Viewer to prove
vermin from somewhere somehow slip past my firewall and anti-virus programs,
and attempt every week to either uninstall stuff, run services, or corrupt
or delete files in the folders named \Windows and \Program Files. How? I
don't know. All I care is that they are all logged as Failed Attempts
because I (a) surf the web with a Limited Account, and (b) remove all access
except Read/Execute to \Windows and \Program Files, by accounts in the group
named Users (accounts used by children and by my Internet-only account).

The special account I set up for surfing the web has never been a continuous
hassle, because I never use this special Internet-only account for anything
else but surfing the web. I certainly never use this special Internet-only
account for private online banking, completing private tax returns, or
maintaining private family financial records. Might as well buy a home
security system, and leave home with the doors open. When I want to do
private family or personal transactions or record-keeping, I use a different
account with different privileges (you could use Administrator for this).
The rare person who complains about exchanging files between the accounts
has not yet learned about Shared Folders or \All Users.

"Harvey" <Harvey@discussions.microsoft.com> wrote in message
news:3A181857-B9D0-4853-BAFB-6EBD18C04A51@microsoft.com...
Thanks for the responses! I've been perfectly happy running as
administrator, but I read a book ("Writing Secure Code" from Microsoft)
which said that if a hacker got past my firewall and anti-virus, and
highjacked my program, it could do less damage if I wasn't running as
administrator. But there's certianly no point in doing it if it's going to
be a continuous hassle.

Harvey
--------------------------

"New to XP" wrote:

> I just got a pc with xp home. I tried creating and experimenting with
several accounts, both limited and administrator. Any new account I create
is giving me fits with the rights to programs and security settings.
>
> I do think its a good idea to have a limited account, except I have not
figured out how to get the limited account set up correctly. Maybe a
limitation of the XP Home software?
>
> "Harvey" wrote:
>
> > I'm running XP Home, and I'm the only person with physical access to the
machine. I always run as administrator. I've been told that this will allow
any virus, worm, etc. to do more damage than if I run with lower privileges.
Is that so?
> >
> > If I run as 'guest', what won't I be able to do? Will I have to move all
my files from my current user folders to the shared folder? What other
changes will I need to do?
> >
> > I see that some people here complain about trying to run as less than
administrator. What is it likely to break? Is it worth trying to make the
change?
> >
> > Harvey

Relevant Pages

  • Re: Admin Accounts Locked Out
    ... The XP firewall if enabled in default configuration would prevent a hacker from ... control of your computer if administrator passwords are weak or null. ... > any account with administrative privileges. ...
    (microsoft.public.windowsxp.security_admin)
  • 810030: Microsoft VM Security Update
    ... There are anti-virus, firewall, pop-up stopper and hacker ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Windows XP - computer workgroup
    ... A desktop uses windows XP PRO and a wireless ... They all have Windows firewall active and exception as remote desktop ... With the GUEST user account not active ... start by running the Network Setup Wizard on all machines (see ...
    (microsoft.public.windowsxp.network_web)
  • Re: Peer-to-Peer
    ... username which is defaulting to a guest account. ... Also I can see the computers in the workgroups on both ... start by running the Network Setup Wizard on all machines (see ... by 1) a misconfigured firewall or overlooked firewall (including a stateful ...
    (microsoft.public.windowsxp.basics)
  • Re: Changing folder attributes
    ... With Windows Firewall, this means allowing File/Printer ... put all computers in the same Workgroup. ... Create matching user accounts and passwords on all machines. ... assigned to each user account can be different; ...
    (microsoft.public.windowsxp.general)