RE: Unwanted programs on Win2K

[Tim Donahue <TDonahue () haynesconstruction com>]

I recommend the book Hacking Windows 2000 Exposed (ISBN 0072192623) it is an
book that covers many vunerabilites on a Windows 2000 based computer.  

Tim Donahue

> -----Original Message-----
> From: ahaly () softhome net [mailto:ahaly () softhome net] 
> Sent: Saturday, February 01, 2003 6:38 PM
> To: security-basics () securityfocus com
> Subject: Unwanted programs on Win2K
>
>
>
>
> Hey,
>
>
>
> This question is not from an admin but a end-user. I am doing 
> my studies 
>
> in a big university and we have many Win2K machines in our labs and 
>
> library. 
>
>
>
> Sometimes I find applications like Yahoo and MSN Messenger 
> installed on 
>
> these machines. I have also sometimes seen things like Kazaa. 
> Technically 
>
> these are not supposed to be there. As in only the apps that 
> are installed 
>
> by admins are supposed to be there and the above mentioned 
> apps are not 
>
> part of the admin list of apps. When I try to install an 
> application, I 
>
> get an error saying that I don't have privileges. I know I don't have 
>
> privileges but there is someone out there who has found a way 
> to bypass 
>
> the restrictions. 
>
>
>
> Question: How can someone bypass restrictions in Win2k to 
> install software 
>
> when he doesn't have proper privileges?
>
> Reason for asking question: If someone can install Kazaa, 
> someone can also 
>
> install a keyreader or something like that. 
>
> Maybe I am paranoid, but everytime I login, maybe I am 
> telling someone - 
>
> hey, this is my passwrd. 
>
>
>
>
>
> Ahaly