Penetration Testing mailing list archives

Re: [PEN-TEST] Deeper Penetration
From: Clem Colman <clem () colmancomm com>
Date: Thu, 16 Nov 2000 01:35:48 -0500

It's hard for something like Tivoli, or a reporting or monitoring tool that is
installed on the domain and running agents, not to be installed as a privileged

True.  My thinking would be that to limit impact the services on member servers should run under the privilege of a
local account or a domain account that has minimal rights in a domain context.  This is particularly true, as you
noted, where there is an increased risk profile for the machine (i.e. Webserver exposed to net).

At the risk of firing up an almost dead thread, what are people's experiences like in the field?  I've always thought
that Defence in Depth would be much harder to attack, but most managers seem to prefer to put absolute trust in a
couple of devices.  Thoughts?

