|
Bugtraq
mailing list archives
Re: Escalation of privileges
From: Adam Richard <adam.richard2 () SYMPATICO CA>
Date: Wed, 9 Aug 2000 14:23:37 -0400
Hmm... Interesting, but needs an idiot admin to exploit.
Not necessarily a stupid admin, but stupid management who won't listen to
admins and then hire rent-a-techs to do botchy deployments. I have seen as
a company policy for a company-wide NT roll out on desktops, that the local
admin password is left blank upon deployement. Six months later they
decided to have a standardized password because it was such a mess. But
the passwords were to be standardized only when a tech happens to work on a
machine, so it will take ages before they have a uniform admin password.
Right now it's chaos. So it's not always the admin's fault.
I beg to differ. I don't have the time to minutely examine
every file that every app installs. I think it is reasonable
to expect reputable companies (such as Symantec) to ship
their apps in a secure state.
I found a nice freeware product recently called InstallWatch
(www.epsilonsquared.com) which does just that. They also have a software
called InstallRite that will extract the information from InstallWatch to
create self-extract install kit to facilitate software deployment. As a
bonus, I also wrote a paper about how to use InstallWatch as a
Tripwire-like IDS system. www.geocities.com/floydian_99
Hope that helps.
Adam
 By Date 
By Thread
Current thread:
- Re: reporting local security problems for WinNT (Re: Escalation of privileges), (continued)
Re: Escalation of privileges Nicolas Rachinsky (Aug 09)
Re: Escalation of privileges Mayers, Philip J (Aug 08)
Re: Escalation of privileges Adam Richard (Aug 10)
| 
Intro
