This is true and I have never opened a virus on to the network or anywhere other than testing. In our company though an admin a wile back did execute one and a lot was lost so it is now "policy".
-----Original Message----- From: Wes Owen [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 09, 2002 11:29 AM To: NT 2000 Discussions Subject: RE: Use of administrative accounts Yeah, but the argument goes that if you are smart enough to have an admin account you should be smart enough not to get infected. We had several "admin" persons that had mapped drives to admin shares on web servers when they opened up the virus that destroyed all of the jpg files a while back. That sure made a mess of things. No not my staff or my servers these were all developers who insisted on having admin rights to "their" servers. -----Original Message----- From: Elkins, Justin [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 09, 2002 12:25 PM To: NT 2000 Discussions Subject: RE: Use of administrative accounts Is there not a risk of your getting a virus that would then have admin control to all your mapped drives and network itself? -----Original Message----- From: Flanagan, Kevin [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 09, 2002 11:16 AM To: NT 2000 Discussions Subject: RE: Use of administrative accounts I don't believe that special accounts solve anything. I have never worked anywhere that did that. We all have the rights that we need and use our own accounts for everything. Shared accounts are bad, IE Administrator, there's no auditing that can be done, not realistically anyways. I would bet that there are MANY things that you could do in that arena that would get you bigger payback. IE: When was the last time that service account passwords were changed? Most NT4 shops don't ever change them. While they may not be domain admins, I hope, they are likely to be local admins. This has come up from time to time, I've always been able to make it go away in favor of more useful work. +__________________________________________+ "There are two major products that come out of Berkeley: LSD and [Unix] BSD. We don't believe this to be a coincidence." -Jeremy S. Anderson Kevin M. Flanagan C/S Planning Engineer III IT Systems Implementation Branch Banking & Trust 3261 Atlantic Ave Suite 116 Raleigh, NC 27604 919-716-6209 > -----Original Message----- > From: Wes Owen [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, January 09, 2002 11:53 AM > To: NT 2000 Discussions > Subject: Use of administrative accounts > > > We are in the process of implementing separate administrative > accounts for all of our admins as part of a security project > and trying to put as many "best practices" in place as possible. > > Any one else out their doing such a thing? > > If so, how did you implement them from a naming perspective. > We started out adding a ADM designation on each account, but > doing that really makes them stick out. If someone was to > get a hold of an account list in some manner I am concerned > that they may immediately know what accounts to go after. > > > This e-mail and any files transmitted with it are > confidential and are intended solely for the use of the > individual or entity to whom they are addressed. If you are > NOT the intended recipient or the person responsible for > delivering the e-mail to the intended recipient, be advised > that you have received this e-mail in error and that any use, > dissemination, forwarding, printing, or copying of this > e-mail is strictly prohibited. > > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to [EMAIL PROTECTED] > ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED] ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED] ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED] ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
