Right or Wrong

Discussion in 'other software & services' started by Rico, May 20, 2007.

Thread Status:
Not open for further replies.
  1. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,701
    Location:
    Texas
    Hi Guys,

    At another forum (non security) one of the threads got a little off topic, straying into security. The boys overthere are getting, quite vocal. Some agree some disagree with:

    Personally I think the statement is wrong, what do you think? My contribution to the conversation was i mentioned 'Drop Your Rights.'

    Thanks & Take Care
    Rico
     
  2. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    These guys don't have what I have. So I keep my administrator status. :)
     
  3. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    Kinda depends on "who" was saying it. I would tend to doubt it myself.
     
  4. EASTER.2010

    EASTER.2010 Guest

    Theres probably something to be said for running limited if you're always getting hammered by using Admin rights on the web or are suffering from m'ware paranoia because your security apps are lackluster at best, but i have never run with anything other than ADMIN status and i never will. Heck, i go looking to get hit when i'm on the hunt for them and sometimes that gets to be a real chore, i think they must be reluctant of my security setup for too long to even bother. When they do, i get to collect their crafts and examine them plus submit them (if new) to proper vendors for inclusions. I've grown very bored with malware AND rootkits anymore. Great Security Apps coupled with quick restore programs like FD-ISR or virtualization coverage with Power Shadow makes me fully armed for combat and i've taken plenty of prisoners along the way. :D
     
  5. herbalist

    herbalist Guest

    There's far too many variables to consider for that statement to be anything more than a generalization, and not a very accurate one at that. While there are definite benefits to running a limited account, it's not a foolproof fix-all by any means. Search Windows privilege escalation vulnerabilities.
    Limiting user access or privilege should be part of the overall security policy for that PC, and not just for the user accounts. The limited concept should also be applied to security apps such as firewalls and HIPS, especially when more than one user is involved. I run a 98 box, which doesn't have limited user accounts or profiles unless I use the policy editor to manually create restrictions. My OS is effectively in administrator mode all the time, but I don't run my security apps that way. I don't connect the UI on SSM unless I need to. The same applies to the firewall. When another user is on this PC, neither app will prompt them, so there's no opportunity for them to make a bad decision. Another user can't even start Kerio's administrator functions to add or modify rules (or disable the firewall) without having its password, plus it won't start when SSM is not in administrator mode (connected UI), another password.

    Properly used, limited accounts and usermode settings on security software are a big asset, as long as they support and are part of an overall policy. A statement such as:
    tells me that this individual isn't looking at the whole picture.
    Rick
     
  6. EASTER.2010

    EASTER.2010 Guest

    Hi Rick.

    As you know i'm also a proponant and support 98 systems irregardless of the flogging i have to endure thanks to you know who's ($M) reluctance to resteady them again. But that's ok with me, 98 is quite safe thanks to efforts from security vendors like SSM who chose to NOT turn away like the rest.

    FYI, since migrating myself, beit slowly, over to XP Pro regularly, it might be of some interest to note that i still retain (2) apps that also have proven very vital and beneficial for 98 systems, namely System Safety Monitor as you well know and also Kerio 2.15. My XP Box is never been more secure even without virtualization support i can easily turn to in Power Shadow and also FD-ISR snapshots.

    Absolutely no XP install of mine goes without them, period. :)
     
  7. wilbertnl

    wilbertnl Registered Member

    Joined:
    Dec 29, 2004
    Posts:
    1,850
    Location:
    Tulsa, Oklahoma
    Well, the user account model of *nix systems is far superior over the user account model of Windows.
    No matter if the mentioned statement is right or wrong, it's practically impossible to run applications other than Windows Freecell with limited access.
     
  8. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hello,
    I think the qoute refers to a discussion regarding Linux ...
    Mrk
     
  9. sonic6k

    sonic6k Registered Member

    Joined:
    May 17, 2007
    Posts:
    34
    Somehow reminds of the other thread where people said you (Mrkvonic) would hunt me with a rusty axe :D
     
  10. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    If you are admin, there is always a possibility that you either disable your security software OR you install/run something that conflicts or removes it (eg a new unknown virus OR malware or just).

    With limited accounts you can lock out your user for changing settings of any running app, you can secure down folder permissions so that viruses cant spread.

    I would'nt say that security software is worthless, but as long as your an admin there are more exploitable options, compared to limited user, reguardless of security software.
     
Thread Status:
Not open for further replies.