Security Basics mailing list archives

RE: Unwanted programs on Win2K

From: Harris Samuel W PORT <HarrisSW () mail ports navy mil>
Date: Tue, 4 Feb 2003 16:54:24 -0500

I disagree. Security is everybody's problem. The user can be a big help in
notifying the IT department of things going on that might have escaped their
eyes. The more eyes, the better. 

Amor Patriae

Samuel Harris
A+, MCP, Networking Certificate, Phi Theta Kappa
Portsmouth Naval Shipyard
Portsmouth , NH 03801
(207) 438-4779



-----Original Message-----
From: H C [mailto:keydet89 () yahoo com]
Sent: Tuesday, February 04, 2003 9:11 AM
To: security-basics () securityfocus com
Subject: re: Unwanted programs on Win2K

Question: How can someone bypass restrictions in

Win2k

to install software when he doesn?t have proper 
privileges?


Privilege escalation is pretty trivial these
days...assuming that the user doesn't already have
local admin privileges on the system.  Not too long
ago, a worm used the privilege escalation EXE from
DebPloit to gain admin privileges on a system...if a
worm can do it, it can't be too hard.

Also, there's a Linux bootdisk available that allows
the user to change any password on the system w/o
knowing it ahead of time.

While books like "Hacking Exposed" have a lot of good
information in them, they also don't focus
specifically on the types of things you're asking
about.  After all, how would someone hack your
workstation using a web server hack, if you're not
running a web server?

Reason for asking question: If someone can install 
Kazaa, someone can also install a keyreader or

something

like that.


Yeah, that's always possible...but it's not really
your concern.  You're a user, so it's evident that
you're talking about a corporate envirnment of some
kind.  Since you're not asking as an admin...what are
you worried about?  That someone will get on the
network and do something using your account?  Do you
feel as if you're being targetted specifically?  If
something does happen, then the admins should be able
to very easily exonerate you, if you didn't in fact
do...whatever.  If not, that's what wrongful
termination suits are for.

Maybe I am paranoid, but everytime I login, maybe I

am

telling someone - hey, this is my passwrd.


A little paranoia is a good thing, but since you're a
user, it really isn't your concern.  After all, if
your company has policies against such things as users
installing software, then that's an HR/management
issue.  





__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

Current thread:

Unwanted programs on Win2K ahaly (Feb 03)
- RE: Unwanted programs on Win2K Simon Taplin (Feb 05)
  - RE: Unwanted programs on Win2K Tim V - DZ (Feb 05)
- <Possible follow-ups>
- re: Unwanted programs on Win2K H C (Feb 04)
  - re: Unwanted programs on Win2K Jeremy Gaddis (Feb 06)
- RE: Unwanted programs on Win2K Gedi (Feb 04)
  - Re: Unwanted programs on Win2K Kamran Muzaffer (Feb 05)
    - Re: Unwanted programs on Win2K Pez Mohr (Feb 05)
    - RE: Unwanted programs on Win2K dave (Feb 06)
- RE: Unwanted programs on Win2K Harris Samuel W PORT (Feb 04)
  - Re: Unwanted programs on Win2K Meritt James (Feb 05)
- RE: Unwanted programs on Win2K Chris Berry (Feb 04)
- RE: Unwanted programs on Win2K Mike Heitz (Feb 05)
  - RE: Unwanted programs on Win2K Simon Taplin (Feb 05)
- RE: Unwanted programs on Win2K Chris Berry (Feb 05)
  - Re: Unwanted programs on Win2K Meritt James (Feb 05)
- RE: Unwanted programs on Win2K H C (Feb 05)
  - RE: Unwanted programs on Win2K James Kelly (Feb 06)
- Re: Unwanted programs on Win2K Gedi (Feb 05)
- RE: Unwanted programs on Win2K Tim Donahue (Feb 05)

(Thread continues...)