Re: XPSP2 compatability

[Michael Richardson <mcr () sandelman ottawa on ca>]

-----BEGIN PGP SIGNED MESSAGE-----


> > > > > "Kevin" == Kevin Sheldrake <kev () electriccat co uk> writes:
    Kevin> privileged users can write to raw sockets?  Perhaps if the XP
    Kevin> installation forced the creation of at least one user account
    Kevin> and spat out a large alert when someone logged on as

  You are right --- the facilities are there. They are just not used.

    Kevin> For instance, my girlfriend uses Win2K on a laptop with a
    Kevin> wifi card.  In order for her to start and stop the built-in
    Kevin> IPSec client (required when she switches between wired and
    Kevin> wireless), she needs to be a power user of some description.
    Kevin> Fine, I'm the administrator so I gave her the capabilities.
    Kevin> Now she can let malware act as a power user when it runs -
    Kevin> brilliant.  On linux, for example, I simply su to start and
    Kevin> stop the IPSec and run the rest of my session as a normal
    Kevin> user.  It's the simple concept of least privilege...

  No, on Linux you can do several things:
    a) always encrypt everything anyway. (simplies everything)
    b) run scripts from dhclient to auto-select things.
    c) use "sudo" to let her run a script
    d) write a setuid program that does the one task.

  Since Win2K, there has been the equivalent of "su". Including the GUI
"Run-As" interface. Is it used? Not that I can tell.
  Why not?

  This isn't about technology --- it never has been.

  It is about letting very brilliant people with no non-MS experience
run the show. They are too smart to bother learning from past mistakes,
even their own.

- --
]     "Elmo went to the wrong fundraiser" - The Simpson         |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr () xelerance com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQSjpUIqHRg3pndX9AQFfRwQAqvJZtep6edkIDr+LXl26dVenqGrSX+Z3
KvbY5OVK9gUePhS3gLnFUbIIwkWlhI3EQ4JvoLPv8ZO/FvN8DzcEgslh2e8m6kMQ
yc9yFZvaM4vl32vbGBpK883iKCWA6njF7Ky2Fftr8tgeN9LUSxxldKzZk7vy9ndW
iSVY+fgGMFE=
=rIzN
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------