Security Basics mailing list archives
Getting away from administrator account on Desktop
From: "sec sam" <secsam () gmail com>
Date: Wed, 14 Mar 2007 11:35:10 -0500
Hello everyone Our company uses Novell and login script will substitute the users login with administrator account is the only one on the local desktop or laptop. I know this is not a standard practice anymore and am looking for information on what would be a better strategy. I am sure you all know the security problems this brings about such as: Anyone who knows the admin password can walk up to any pc that is logged on to the network, even with screensaver and gain access using that persons pc, additionally to the network with that users privileges. I bet that over there are more people that know the password than don't know it. Laptop users need the local admin password because it must be used when not connected to the network. Not to mention that the password has never changed. I am just trying to find resources to help me identify what should be considered when trying to change this and possible strategies. I need to be more knowledgable about this issue in order to even be able to discuss possible solutions. Thanks.... Secsam
Current thread:
- Getting away from administrator account on Desktop sec sam (Mar 14)