Security Basics mailing list archives
Re: account trapping
From: "Jason M. Leonard" <fuzz () ldc upenn edu>
Date: Thu, 13 Nov 2003 14:07:06 -0500 (EST)
On Wed, 12 Nov 2003, Jack Solomon wrote:
I want to leave a monitoring station logged in all day so that I can see the status of the servers. Our monitoring application has to run as Admin to query the server registrys. I want to prevent it doing anything else but I don't want to have to lock the screen out because its real convenient to see it going crazy from the other side of the room. I can't make it email/page me because its homegrown and doesnt have this functionality yet. Is there an easy way to setup an account with Admin rights but to stop it running any other programs?
Jack, Rather than trying to create a "restricted Admin" account, which even if possible is a security incident waiting to happen, just log into the monitoring machine with a regular account (a restricted one would be even better) and use "runas" to run the monitoring application as Administrator. :Fuzz --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
Current thread:
- account trapping Jack Solomon (Nov 13)
- Re: account trapping Jason M. Leonard (Nov 14)
- Re: account trapping Anders Reed-Mohn (Nov 14)
- <Possible follow-ups>
- Re: account trapping Chris Berry (Nov 14)