mailing list archives
Re: [PEN-TEST] Deeper Penetration
From: Clem Colman <clem () colmancomm com>
Date: Thu, 16 Nov 2000 01:35:48 -0500
It's hard for something like Tivoli, or a reporting or monitoring tool that is
installed on the domain and running agents, not to be installed as a privileged
True. My thinking would be that to limit impact the services on member servers should run under the privilege of a
local account or a domain account that has minimal rights in a domain context. This is particularly true, as you
noted, where there is an increased risk profile for the machine (ie Webserver exposed to net).
At the risk of firing up an almost dead thread what are people's experiences like in the field? I've always thought
that Defence in Depth would be much harder to attack, but most managers seem to prefer to put absolute trust in a
couple of devices. Thoughts?