| View previous topic :: View next topic |
| Author |
Message |
zillah
Corporal
Joined: Feb 09, 2005
Posts: 69
|
 Posted: Tue Feb 05, 2008 10:43 am Post subject: Lock PC (Ctrl+Alt+Del),can be accessed by other than admin |
|
|
Friend of mine has got two computers (Laptop and Desktop) connected to each other via cross over cable (networked), both computers have got OS win2003 SP2. Normally he accesses both computer via administrator accounts
When he does not use them , he locks them by pressing (Ctrl+Alt+Del), some times he found his son accessed his laptop, he told me that he did not tell his son about the password for the uname administrator.
There is no other accounts were created beside administrator account under “Local Users and Groups”.
I have checked by myself the “Add or Remove Programs”, I could not find suspicious program.
Is there away to access a locked PC without knowing the password
|
|
| Back to top |
|
 |
zillah
Corporal
Joined: Feb 09, 2005
Posts: 69
|
| Posted: Tue Feb 05, 2008 11:13 am Post subject: |
|
|
Some time his dad let his son use the computer when the computer is unlocked. Can the son find out the password for the administrator in some how ?
|
|
| Back to top |
|
|
Scott_Hollingsworth
Sergeant
Premium Member
Joined: May 09, 2006
Posts: 116
Location: USA
|
| Posted: Tue Feb 05, 2008 6:08 pm Post subject: |
|
|
| zillah wrote: | | Some time his dad let his son use the computer when the computer is unlocked. Can the son find out the password for the administrator in some how ? |
That is definitely a possibility. There are numerous other means of creating a "backdoor" if you are using the computer with an administrator account. Just having physical access to the computer is enough for some to gain full access.
Many people use admin accounts for regular use. Most malware has been designed with this in mind. A lot of malware can be made less effective just by avoiding the use of admin accounts for everyday computer use. Once everybody learns this lesson, malware will adapt.
My family's home network has non-admin accounts for everybody who uses the computers, some friends share a guest account, others have their own accounts. Only I and my wife also have admin accounts which we only use when we are doing admin tasks.
For the physical access protection, BIOS passwords and a BIOS setting only allowing booting from the hard drive will lay the foundation of a better secured computer. Drive encryption is an additional choice, but not a necessity for helping guard against physical access attacks. Encryption is very good in guarding data on a stolen computer. Of course, the assumption is the protection is properly implemented.
|
|
| Back to top |
|
|
AlphaCentauri
SIRT Handler
Premium Member
Joined: Nov 20, 2003
Posts: 2895
|
| Posted: Thu Feb 07, 2008 12:51 pm Post subject: |
|
|
| Scott_Hollingsworth wrote: | | A lot of malware can be made less effective just by avoiding the use of admin accounts for everyday computer use. |
I have tried doing this for employee computers at my job, but then the antivirus software won't download updates unless I log into every computer myself every day, wait for the download, and log myself out. PITA!!!
|
|
| Back to top |
|
|
Scott_Hollingsworth
Sergeant
Premium Member
Joined: May 09, 2006
Posts: 116
Location: USA
|
| Posted: Fri Feb 08, 2008 11:47 pm Post subject: |
|
|
Applications that do not function without admin rights are one of many hurdles to moving to this safer practice. Many of the apps really do not need admin rights to do their intended functions.
Many times I have "fixed" such apps with a few targeted object permission adjustments primarily in the file system and the registry.
AV updates is something that should be an admin function, but the updater process could be running with the appropriate privileges instead of those of the user logged onto the console. There is no need for AV update processes to interact with the console user.
BTW, I'm using AVG free at home and have no trouble with updates being applied. At work we have Symantec enterprise version which also has no trouble updating.
|
|
| Back to top |
|
|
|
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
