Security Basics mailing list archives
Re: Power Users, AntiSpyware & CriticalUpdates
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Thu, 1 Sep 2005 04:36:13 +0200
On 2005-08-31 arh wrote:
I am working on a Win XP SP2 system to be used as a "Clone" for new systems, or replacement hard drives. Our Corporate Culture previously allowed everyone to be Local Admin; now everyone will be a "Power User". I've worked as a Power User for a week. With "Run As" and/or RDC I can do all admin chores (so far ;)...
Power users are not really an improvement, as they still have far too many privileges to achieve actual security. Make your users normal users if possible. Otherwise don't bother. Making them power users isn't worth the time you'll spend on it.
A couple of things about these Power User workstations: Do we need a WUS or WSUS to deal with Microsoft Windows Critical Updates, or is there a better way?
You could leave automatic updates pointing directly to Microsoft's update servers. A (W)SUS would enable you to test updates on a set of test boxes before approving them for automatic enrollment to your network, though, so having a (W)SUS usually is a good idea.
We will have Spybot installed. I also want to install Microsoft AntiSpyware, but it has so many poorly-worded, cryptic "warnings", that we may not. Is there any decent articles on controlling AntiSpyware alerts, or should we move on to something like CounterSpy?
How about "move to not getting spyware installed in the first place"? Like don't make your users admins or power users and have them use a web browser that is not IE. Regards Ansgar Wiechers -- "Another option [for defragmentation] is to back up your important files, erase the hard disk, then reinstall Mac OS X and your backed up files." --http://docs.info.apple.com/article.html?artnum=25668
Current thread:
- Re: Power Users, AntiSpyware & CriticalUpdates Ansgar -59cobalt- Wiechers (Sep 01)
- Re: Power Users, AntiSpyware & CriticalUpdates David Glosser (Sep 07)
- Re: Power Users, AntiSpyware & CriticalUpdates Ansgar -59cobalt- Wiechers (Sep 07)
- Re: Power Users, AntiSpyware & CriticalUpdates David Glosser (Sep 07)