Re: No lockout policy... why not?



Anna Clark wrote:
Oops! Thanks kj

Seems Anna was napping in class when the subject of Administrator
security was discussed. :-(

More research is required. But after a quick review of the
literature it is still not clear that disabling and/or renaming THE
Administrator account is either a workable solution or will do more
than slow down a knowledgeable bad guy.

Of course slowing them down is a valuable objective, but an
authenticating firewall ahead of the server, preferably one that logs
unsuccessful attempts and can do "lockouts" of its own, with entirely
different user IDs and passwords, would still seem to be the "more
secure" solution.

No, there is no one thing that can be done to make you 'secure'. The
Administrator account is just a primary target. If you audit any of your
sites you'll find (or should) at least one other account that, if compromised,
would be a bad thing.

All of these are good practices for building depth into the site security.
Focusing on the firewall isn't all that should be done. The (US) FBI reports
75% of security breaches are from inside the firewall. Consider for just a
moment the new generation of cell phones, some of which have built-in WiFi.
How many of these will be walking in the doors of your sites soon?

--
/kj
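The "lockouts of its own" idea from the post above, as an added example that is not part of the thread: a small failed-login tracker of the kind a front-end authenticating device or log monitor could run, independent of whatever account lockout policy the Windows server itself has. The log line format, the thresholds (5 failures in 10 minutes, 30-minute lockout) and the choice to key the lockout on the (source, user) pair are all assumptions made here for illustration.

```python
# Added example: sliding-window failed-login lockout, as a front-end device or
# log monitor might implement it, independent of the server's own account
# lockout policy.  Not code from the original post; the log format and the
# thresholds below are assumed.
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log.  Assumed format: "<ISO timestamp> <src ip> <user> <OK|FAIL>"
SAMPLE_LOG = """\
2004-03-01T10:00:01 192.0.2.10 administrator FAIL
2004-03-01T10:00:04 192.0.2.10 administrator FAIL
2004-03-01T10:00:07 192.0.2.10 administrator FAIL
2004-03-01T10:00:09 192.0.2.10 administrator FAIL
2004-03-01T10:00:12 192.0.2.10 administrator FAIL
2004-03-01T10:00:15 192.0.2.10 administrator OK
2004-03-01T10:05:00 198.51.100.7 jsmith FAIL
2004-03-01T10:40:00 198.51.100.7 jsmith FAIL
2004-03-01T10:41:00 198.51.100.7 jsmith OK
"""


def parse_line(line):
    """Split one assumed-format log line into (timestamp, source, user, succeeded)."""
    ts, src, user, result = line.split()
    return datetime.fromisoformat(ts), src, user.lower(), result == "OK"


class LockoutTracker:
    """Count recent failures per (source, user) and lock that pair out.

    Keying on the pair rather than on the account alone means one remote
    source hammering 'administrator' is cut off without the account being
    locked for every other source as well.  (Assumed policy, not from the post.)
    """

    def __init__(self, threshold=5, window=timedelta(minutes=10),
                 duration=timedelta(minutes=30)):
        self.threshold = threshold
        self.window = window
        self.duration = duration
        self.failures = defaultdict(deque)  # (src, user) -> timestamps of recent failures
        self.locked_until = {}              # (src, user) -> datetime the lockout expires

    def is_locked(self, key, now):
        until = self.locked_until.get(key)
        return until is not None and now < until

    def observe(self, ts, src, user, ok):
        """Return 'DENY' (pair is locked out), 'LOCKED' (this failure tripped
        the threshold) or 'ALLOW' (attempt passed through to the server)."""
        key = (src, user)
        if self.is_locked(key, ts):
            # Refused even if the credentials were right: that is what a lockout does.
            return "DENY"
        recent = self.failures[key]
        if ok:
            recent.clear()
            return "ALLOW"
        recent.append(ts)
        # Drop failures that have aged out of the window.
        while recent and ts - recent[0] > self.window:
            recent.popleft()
        if len(recent) >= self.threshold:
            self.locked_until[key] = ts + self.duration
            recent.clear()
            return "LOCKED"
        return "ALLOW"


def run(log_text, **kwargs):
    """Replay a log through a fresh tracker; returns [(src, user, decision), ...]."""
    tracker = LockoutTracker(**kwargs)
    decisions = []
    for line in log_text.splitlines():
        if line.strip():
            ts, src, user, ok = parse_line(line)
            decisions.append((src, user, tracker.observe(ts, src, user, ok)))
    return decisions


if __name__ == "__main__":
    for src, user, decision in run(SAMPLE_LOG):
        print(f"{src:15} {user:15} {decision}")
```

Run against the constructed log, the fifth failure from 192.0.2.10 against administrator trips the lockout and the following attempt with the correct password from that source is still refused, while jsmith's two failures 35 minutes apart never accumulate. Note that a correct password being refused is the intended behaviour of a lockout, and it also shows why a lockout tied to the source rather than the account alone is worth considering before locking the Administrator account itself.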

