Penetration Testing: Re: [PEN-TEST] Deeper Penetration

Re: [PEN-TEST] Deeper Penetration

From: Clem Colman <clem_at_colmancomm.com>
Date: Thu, 16 Nov 2000 01:35:48 -0500

<snip>
>It's hard for something like Tivoli, or a reporting or monitoring tool that is
>installed on the domain and running agents, not to be installed as a privileged
>

True. My thinking would be that, to limit impact, the services on member servers should run under the privilege of a local account or a domain account that has minimal rights in a domain context. This is particularly true, as you noted, where there is an increased risk profile for the machine (i.e. Webserver exposed to net).

At the risk of firing up an almost dead thread, what are people's experiences like in the field? I've always thought that Defence in Depth would be much harder to attack, but most managers seem to prefer to put absolute trust in a couple of devices. Thoughts?

Cheers,
Clem.
Received on Nov 17 2000
