Penetration Testing mailing list archives
Re: XPSP2 compatability
From: Michael Richardson <mcr () sandelman ottawa on ca>
Date: Sun, 22 Aug 2004 14:43:34 -0400
-----BEGIN PGP SIGNED MESSAGE-----
"Kevin" == Kevin Sheldrake <kev () electriccat co uk> writes:
Kevin> privileged users can write to raw sockets? Perhaps if the XP Kevin> installation forced the creation of at least one user account Kevin> and spat out a large alert when someone logged on as You are right --- the facilities are there. They are just not used. Kevin> For instance, my girlfriend uses Win2K on a laptop with a Kevin> wifi card. In order for her to start and stop the built-in Kevin> IPSec client (required when she switches between wired and Kevin> wireless), she needs to be a power user of some description. Kevin> Fine, I'm the administrator so I gave her the capabilities. Kevin> Now she can let malware act as a power user when it runs - Kevin> brilliant. On linux, for example, I simply su to start and Kevin> stop the IPSec and run the rest of my session as a normal Kevin> user. It's the simple concept of least privilege... No, on Linux you can do several things: a) always encrypt everything anyway. (simplies everything) b) run scripts from dhclient to auto-select things. c) use "sudo" to let her run a script d) write a setuid program that does the one task. Since Win2K, there has been the equivalent of "su". Including the GUI "Run-As" interface. Is it used? Not that I can tell. Why not? This isn't about technology --- it never has been. It is about letting very brilliant people with no non-MS experience run the show. They are too smart to bother learning from past mistakes, even their own. - -- ] "Elmo went to the wrong fundraiser" - The Simpson | firewalls [ ] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[ ] mcr () xelerance com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[ ] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: Finger me for keys iQCVAwUBQSjpUIqHRg3pndX9AQFfRwQAqvJZtep6edkIDr+LXl26dVenqGrSX+Z3 KvbY5OVK9gUePhS3gLnFUbIIwkWlhI3EQ4JvoLPv8ZO/FvN8DzcEgslh2e8m6kMQ yc9yFZvaM4vl32vbGBpK883iKCWA6njF7Ky2Fftr8tgeN9LUSxxldKzZk7vy9ndW iSVY+fgGMFE= =rIzN -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- RE: XPSP2 compatability, (continued)
- RE: XPSP2 compatability DeGennaro, Gregory (Aug 20)
- RE: XPSP2 compatability Todd Towles (Aug 20)
- RE: XPSP2 compatability Joe Smith (Aug 22)
- RE: XPSP2 compatability Chris Brenton (Aug 22)
- RE: XPSP2 compatability Joe Smith (Aug 22)
- RE: XPSP2 compatability OBrien, Brennan (Aug 20)
- Re: XPSP2 compatability Kevin Sheldrake (Aug 21)
- Re: XPSP2 compatability Jophn Deo (Aug 22)
- Re: XPSP2 compatability Max (Aug 24)
- Re: XPSP2 compatability Kevin Sheldrake (Aug 21)
- RE: XPSP2 compatability Wozny, Scott (US - New York) (Aug 20)
- Re: XPSP2 compatability Kevin Sheldrake (Aug 21)
- Re: XPSP2 compatability Michael Richardson (Aug 24)
- Re: XPSP2 compatability Kevin Sheldrake (Aug 24)
- Re: XPSP2 compatability Michael Richardson (Aug 24)
- Re: XPSP2 compatability Kevin Sheldrake (Aug 21)