Security Basics mailing list archives
Re: Removing Local Admin Rights...
From: Barrie Dempster <barrie () reboot-robot net>
Date: Thu, 27 May 2004 13:41:44 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 KEN MORRIS wrote: | Jay, | First thing I would do would be to check to see if there is any non-M$ | programs installed that are needed in the organization. IF there are, | thoroughly test those programs under both O/S before removing local admin | rights. | Some software will run only under local admin user accounts. I have tried | here and found that in certain programs there is no work around other than | local admin to allow users to run the software. Even setting them as power | users does not work. | Regards, | Ken Ken, Generally the local admin rights requirements on machines with 3rd party software is fixable by just changing permissions on files and keys/values in the registry, I can't think of a single instance where this wouldn't work and I've yet to find a program I couldn't setup for an ordinary user to run. I find the best thing to do is run filemon and regmon on the suspect program and check what its accessing and then give the user permission to these keys (don't give write where only read is needed though). Quite often you will find that the software vendors are willing to give you the info on these keys and values themselves to save you the trouble of researching it. If you need more help on this let me know. - -- Barrie Dempster [ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ] <spam type="places I think you should go"> Do something good http://www.lp2p.org Open Source Vulnerability Database http://www.osvdb.org </spam> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAteIHsYtTQpYCX9ARAtVHAJ0QFpnY7R2QT5ZxWEUQUq+WHE6jNgCfc1SQ JUryNnnAmIQ+l5XD91tktU4= =6Rd1 -----END PGP SIGNATURE----- ---------------------------------------------------------------------------Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Current thread:
- Removing Local Admin Rights... Jay Lopez (May 25)
- Re: Removing Local Admin Rights... Murad Talukdar (May 28)
- Re: Removing Local Admin Rights... Simon Taplin (May 31)
- <Possible follow-ups>
- RE: Removing Local Admin Rights... KEN MORRIS (May 26)
- Re: Removing Local Admin Rights... Barrie Dempster (May 27)
- Re: Removing Local Admin Rights... Tom Stowell (May 26)
- Re: Removing Local Admin Rights... Brian Dunbar (May 27)
- RE: Removing Local Admin Rights... Craig, Jason (May 27)
- Re: Removing Local Admin Rights... Simon Taplin (May 31)
- RE: Removing Local Admin Rights... Robinson, Sonja (May 27)
- DNS and SMTP kaps lock (May 28)
- Re: DNS and SMTP Byron Copeland (May 31)
- Re: DNS and SMTP Chris Moody (May 31)
- Re: DNS and SMTP Russell J. Wood (May 31)
- DNS and SMTP kaps lock (May 28)
- RE: Removing Local Admin Rights... Daszczyszak, Roman L. SPC (1AD 501 MI BN ACE IMO) (May 29)
- Re: Removing Local Admin Rights... Murad Talukdar (May 28)