Security Basics mailing list archives

RE: Conflict of interests

From: "Nick Vaernhoej" <nick.vaernhoej () capitalcardservices com>
Date: Mon, 4 May 2009 16:45:53 -0500

Good afternoon,

As one sitting on the IT side of the house I am wondering after your
posting, what task(s) you need Domain Admin rights to accomplish?

Thank you

Nick

-> -----Original Message-----
-> From: s0h0us () yahoo com
-> Sent: Monday, May 04, 2009 1:17 PM
-> To: security-basics () securityfocus com
-> Subject: Conflict of interests
->
-> As a security guy, not part of the IT department, I require a level
of
-> access in order to perform my job. Certain types of tools require
-> privileged access in order to work. Like having domain admin access
-> and/or similar privileged access for unix and linux systems. Is it
-> reasonable to request this type of access without causing any type of
-> conflict of interest that internal auditors might question? I guess
-> audit trails would come in handy here.
-> Thanks for the feedback.

This electronic transmission is intended for the addressee (s) named above. It contains information that is privileged,
confidential, or otherwise protected from use and disclosure. If you are not the intended recipient you are hereby
notified that any review, disclosure, copy, or dissemination of this transmission or the taking of any action in
reliance on its contents, or other use is strictly prohibited. If you have received this transmission in error, please
notify the sender that this message was received in error and then delete this message.
Thank you.

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Learn all of the latest penetration testing techniques in InfoSec Institute's Ethical Hacking class.
Totally hands-on course with evening Capture The Flag (CTF) exercises, Certified Ethical Hacker and Certified
Penetration Tester exams, taught by an expert with years of real pen testing experience.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------

Current thread:

Conflict of interests s0h0us (May 04)
- RE: Conflict of interests Ian Bradshaw (May 05)
- RE: Conflict of interests Nick Vaernhoej (May 05)
- Re: Conflict of interests Sebastien MAHIEUX (May 05)
- Message not available
  - Re: Conflict of interests s0h0us (May 05)
    - RE: Conflict of interests James Flaherty (May 05)
- RE: Conflict of interests James Flaherty (May 05)
- Re: Conflict of interests David Schekaiban (May 05)
- Re: Conflict of interests Richard Thomas (May 05)
  - Re: Conflict of interests s0h0us (May 05)
    - Re: Conflict of interests Richard Thomas (May 05)
    - Re: Conflict of interests Aarón Mizrachi (May 06)
    - RE: Conflict of interests Dave Kleiman (May 06)

(Thread continues...)