Oh I agree I was just making the other sides argument. -----Original Message----- From: Patrick R. Sweeney [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 09, 2002 10:24 PM To: NT 2000 Discussions Subject: RE: Use of administrative accounts
You can be as smart as you want - some exploits run as soon as you open an email, not when you open an attachment. Assuming a new exploit of this class emerges, and you aren't patched against it, then being smart enough not to open an attachment won't do squat for you. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Wes Owen Sent: Wednesday, January 09, 2002 1:29 PM To: NT 2000 Discussions Subject: RE: Use of administrative accounts Yeah, but the argument goes that if you are smart enough to have an admin account you should be smart enough not to get infected. We had several "admin" persons that had mapped drives to admin shares on web servers when they opened up the virus that destroyed all of the jpg files a while back. That sure made a mess of things. No not my staff or my servers these were all developers who insisted on having admin rights to "their" servers. -----Original Message----- From: Elkins, Justin [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 09, 2002 12:25 PM To: NT 2000 Discussions Subject: RE: Use of administrative accounts Is there not a risk of your getting a virus that would then have admin control to all your mapped drives and network itself? -----Original Message----- From: Flanagan, Kevin [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 09, 2002 11:16 AM To: NT 2000 Discussions Subject: RE: Use of administrative accounts I don't believe that special accounts solve anything. I have never worked anywhere that did that. We all have the rights that we need and use our own accounts for everything. Shared accounts are bad, IE Administrator, there's no auditing that can be done, not realistically anyways. I would bet that there are MANY things that you could do in that arena that would get you bigger payback. IE: When was the last time that service account passwords were changed? Most NT4 shops don't ever change them. While they may not be domain admins, I hope, they are likely to be local admins. This has come up from time to time, I've always been able to make it go away in favor of more useful work. +__________________________________________+ "There are two major products that come out of Berkeley: LSD and [Unix] BSD. We don't believe this to be a coincidence." -Jeremy S. Anderson Kevin M. Flanagan C/S Planning Engineer III IT Systems Implementation Branch Banking & Trust 3261 Atlantic Ave Suite 116 Raleigh, NC 27604 919-716-6209 > -----Original Message----- > From: Wes Owen [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, January 09, 2002 11:53 AM > To: NT 2000 Discussions > Subject: Use of administrative accounts > > > We are in the process of implementing separate administrative > accounts for all of our admins as part of a security project > and trying to put as many "best practices" in place as possible. > > Any one else out their doing such a thing? > > If so, how did you implement them from a naming perspective. > We started out adding a ADM designation on each account, but > doing that really makes them stick out. If someone was to > get a hold of an account list in some manner I am concerned > that they may immediately know what accounts to go after. > > > This e-mail and any files transmitted with it are > confidential and are intended solely for the use of the > individual or entity to whom they are addressed. If you are > NOT the intended recipient or the person responsible for > delivering the e-mail to the intended recipient, be advised > that you have received this e-mail in error and that any use, > dissemination, forwarding, printing, or copying of this > e-mail is strictly prohibited. > > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to [EMAIL PROTECTED] > ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED] ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED] ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED] ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED] ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
