Home page logo

basics logo Security Basics mailing list archives

RE: Service install without permissions
From: "JM" <jm () mindless com>
Date: Fri, 21 Nov 2003 09:27:45 -0000

If theses machines don't "belong" to you, I would suggest that installing
apps/services without Admin privleges is the way it is meant to be. You
would be installing your apps on a machine owned by someone else, they
should have the ability to control this.

How would you feel if an audit of PCs/Servers under your control, revealed
that someone had written an application specifically to avoid the controls
you had put in place.  I would send the software to the local admin, and
have then install it, in a controlled manner.

If however they are "your" machines, you can psexec (from sysinternals) and
run the installation's remotely, or remote control, or use a temporary
password for the runas command



-----Original Message-----
From: Ansgar -59cobalt- Wiechers [mailto:bugtraq () planetcobalt net] 
Sent: 20 November 2003 11:46
To: security-basics () securityfocus com

On 2003-11-19 Lucas Beber wrote:
We need to send a CD for autoinstall a service in remote locations 
where we have NT Servers. The user's that will run the install 
procedure do not have the administrator password (for obvious security 

The question is :
How to install a service without using the administrator user?

If you have remote access you can do it remotely (terminal services, VNC,
...). If not, you can do it by using software like NetInstall [1], which
runs as a service and allows you to distribute the software through
different channels, even CDs. If neither of these preconditions applies to
your case, the answer is: Not.

[1] http://www.netinstall.de/

Ansgar Wiechers



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]