Security Basics mailing list archives
RE: Unwanted programs on Win2K
From: "Simon Taplin" <simont () lantic net>
Date: Wed, 5 Feb 2003 21:40:02 +0200
Its always amazing how effective educated users can be if you take the time to explain the how's and why's of security. People don't open weird attachments and remember to lock machines when they walk away type of thing. Simon Quote of the day: Systems Administration is the kind of job that nobody notices if you're doing it well. People only take notice of their systems when they're not working. -----Original Message----- From: Mike Heitz [mailto:mikeheitz () upshotmail com] Sent: 05 February 2003 02:57 To: Harris Samuel W PORT; H C; security-basics () securityfocus com Subject: RE: Unwanted programs on Win2K I have to agree with Mr. Harris here as well... I go to great lengths to educate our user community on worms, viruses, hack possibilities... Now, obviously I'm not going to sit there and break it down for them with all the gory details. But, I've found over the past 2 years that giving a user community the important points, and how and why it affects them, goes a long way towards creating a secure and safe environment... That's everyone's desire whether they are a user or an admin. Mike -----Original Message----- From: Harris Samuel W PORT [mailto:HarrisSW () mail ports navy mil] Sent: Tue 2/4/2003 3:54 PM To: 'H C'; security-basics () securityfocus com Cc: Subject: RE: Unwanted programs on Win2K I disagree. Security is everybody's problem. The user can be a big help in notifying the IT department of things going on that might have escaped their eyes. The more eyes, the better. Amor Patriae Samuel Harris A+, MCP, Networking Certificate, Phi Theta Kappa Portsmouth Naval Shipyard Portsmouth , NH 03801 (207) 438-4779 -----Original Message----- From: H C [mailto:keydet89 () yahoo com] Sent: Tuesday, February 04, 2003 9:11 AM To: security-basics () securityfocus com Subject: re: Unwanted programs on Win2K > Question: How can someone bypass restrictions in Win2k > to install software when he doesn?t have proper > privileges? Privilege escalation is pretty trivial these days...assuming that the user doesn't already have local admin privileges on the system. Not too long ago, a worm used the privilege escalation EXE from DebPloit to gain admin privileges on a system...if a worm can do it, it can't be too hard. Also, there's a Linux bootdisk available that allows the user to change any password on the system w/o knowing it ahead of time. While books like "Hacking Exposed" have a lot of good information in them, they also don't focus specifically on the types of things you're asking about. After all, how would someone hack your workstation using a web server hack, if you're not running a web server? > Reason for asking question: If someone can install > Kazaa, someone can also install a keyreader or something > like that. Yeah, that's always possible...but it's not really your concern. You're a user, so it's evident that you're talking about a corporate envirnment of some kind. Since you're not asking as an admin...what are you worried about? That someone will get on the network and do something using your account? Do you feel as if you're being targetted specifically? If something does happen, then the admins should be able to very easily exonerate you, if you didn't in fact do...whatever. If not, that's what wrongful termination suits are for. > Maybe I am paranoid, but everytime I login, maybe I am > telling someone - hey, this is my passwrd. A little paranoia is a good thing, but since you're a user, it really isn't your concern. After all, if your company has policies against such things as users installing software, then that's an HR/management issue. __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com --- This email has been scanned by AVG Anti-Virus Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.449 / Virus Database: 251 - Release Date: 2003/01/27
Current thread:
- re: Unwanted programs on Win2K, (continued)
- re: Unwanted programs on Win2K H C (Feb 04)
- re: Unwanted programs on Win2K Jeremy Gaddis (Feb 06)
- RE: Unwanted programs on Win2K Gedi (Feb 04)
- Re: Unwanted programs on Win2K Kamran Muzaffer (Feb 05)
- Re: Unwanted programs on Win2K Pez Mohr (Feb 05)
- RE: Unwanted programs on Win2K dave (Feb 06)
- Re: Unwanted programs on Win2K Kamran Muzaffer (Feb 05)
- re: Unwanted programs on Win2K H C (Feb 04)
- RE: Unwanted programs on Win2K Harris Samuel W PORT (Feb 04)
- Re: Unwanted programs on Win2K Meritt James (Feb 05)
- RE: Unwanted programs on Win2K Chris Berry (Feb 04)
- RE: Unwanted programs on Win2K Mike Heitz (Feb 05)
- RE: Unwanted programs on Win2K Simon Taplin (Feb 05)
- RE: Unwanted programs on Win2K Chris Berry (Feb 05)
- Re: Unwanted programs on Win2K Meritt James (Feb 05)
- RE: Unwanted programs on Win2K H C (Feb 05)
- RE: Unwanted programs on Win2K James Kelly (Feb 06)
- Re: Unwanted programs on Win2K Gedi (Feb 05)
- RE: Unwanted programs on Win2K Tim Donahue (Feb 05)
- RE: Unwanted programs on Win2K Tim Donahue (Feb 07)