[PANTUGGeneral] Easily Removing End Users from the Local Administrators Group
1 view
Skip to first unread message
Troy Sorzano
Mar 21, 2010, 12:18:22 PM3/21/10
to PANTUG General Discussion (and technical Q&A)
Easily Removing End Users from the Local Administrators Group
http://www.petri.co.il/removing-end-users-from-the-local-administrators-group.htm
The reason I care about this is because I provide gateway security to many clients. The latest Zero Day PDF/Flash exploits that can infect with a simple drive by have been distributed by AD syndication. So traditionally safe and legitimate website have been infecting clients. The odd thing was that I have not seen the same level of infection on my 50+ employees as I have seen in the field. The one client hit most has a specific software package for the legal industry that requires local admin rights. I am 99.9% sure this is why they get hit harder then our office that does not allow local admin rights. I have been offering solutions to allow this one application to run as admin while IE, Flash and other malware magnets run as restricted users. I just found a new possible solution RunAsGui. Here is what I have offered as possible solutions so far.
1. www.beyondtrust.com commercial product to manage applications and users rights.
http://www.petri.co.il/removing-end-users-from-the-local-administrators-group.htm
The reason I care about this is because I provide gateway security to many clients. The latest Zero Day PDF/Flash exploits that can infect with a simple drive by have been distributed by AD syndication. So traditionally safe and legitimate website have been infecting clients. The odd thing was that I have not seen the same level of infection on my 50+ employees as I have seen in the field. The one client hit most has a specific software package for the legal industry that requires local admin rights. I am 99.9% sure this is why they get hit harder then our office that does not allow local admin rights. I have been offering solutions to allow this one application to run as admin while IE, Flash and other malware magnets run as restricted users. I just found a new possible solution RunAsGui. Here is what I have offered as possible solutions so far.
1. www.beyondtrust.com commercial product to manage applications and users rights.
2. Run IE as restricted user Microsoft tool Drop My Rights http://cybercoyote.org/security/drop.shtml
3. Use RunAs to execute the one app as local admin. See RunAsGui article below. RunAsGui
http://www.smart-x.com/?CategoryID=223&ArticleID=181&sng=1
The RunAsGui solves the issue of clear text local admin passwords
Troy
_______________________________________________
PANTUGGeneral mailing list: PANTUG...@lists.pantug.org
To remove your address or change your delivery options see:
http://lists.pantug.org/mailman/listinfo/pantuggeneral
For the searchable archives see:
http://groups.google.com/group/pantug/
Reply all
Reply to author
Forward
0 new messages