Penetration Testing mailing list archives
Re: off-premise laptops
From: pand0ra <pand0ra.usa () gmail com>
Date: Wed, 25 Oct 2006 15:51:34 -0600
Ultimately, we all know that if someone has physical access to the computer they can own the computer. Did the employee have Admin access on the laptop (I'm guessing so)? If that is the case, create user accounts that only have the minimum required priviledges they need to do their job. On 10/24/06, monica <redhowlingwolves () bellsouth net> wrote:
hi all, something just arose on my desk that sent chills down my spine. A local co. allowed a laptop to go home with an employee that was not very comp-literate.Someone else was allowed to set this laptop up via a local router at another location.Evidently,they tried to use a group policy to add an admin acct. That anyone offsite could be able to access,and add,an admin acct to a laptop is just beyond me. surely everyone has heard of vpn's or dummy terminals.Or even virtual streaming by now. OK rant out of the way,how could that be improved upon,without locking out the people on the helpdesk or desk admin set,and still make the laptop itself,secure,without making it a dummy that had to dial-in? Sorry for the obtuse manner. Regards, Scott ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- off-premise laptops monica (Oct 25)
- RE: off-premise laptops Paul Melson (Oct 26)
- Re: off-premise laptops pand0ra (Oct 26)