Solved

Local Users - Can I disable them from downloading and executing files?

Posted on 2003-11-04
6
157 Views
Last Modified: 2013-12-04
On my home pc running windows xp home without the use of third party software is it possible to disable the guet accont from running writing to the hardisk.

I mean if this is not possible that means anyone can download a trojan horse or keylogger and infect the computer??
0
Comment
Question by:Ricky11
  • 3
  • 2
6 Comments
 
LVL 49

Accepted Solution

by:
sunray_2003 earned 500 total points
ID: 9679866
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 9679871
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 9679875
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 24

Expert Comment

by:SunBow
ID: 9682622
a) disable guest account   (many recommend eliminating it, but I rather like having one, my XP home came with default of being  without one)

b) Right click shared folder(s) to protect.  Select 'security'.  Deny any access you care to for any user group, whether by name, ID, or what have you. Is 'everyone' still configured?  

Make sure of course everything is backed up well, a boot disk handy, and restore process in place, including backup admin persons

Two things to bear in mind.

1) Windows requires people to be able to write to their OS directories to function ! <ugh> ! Go figure.

2) hmm I've already forgotten what was #2. How about I repeat my above insert of- be sure to always be prepared to undo any 'mistakes', which in this case can be close to rebuild if things go awry.  You can, for example, restrict a shared space, and deny access to yourself by mistake. Be prepared.
0
 
LVL 24

Expert Comment

by:SunBow
ID: 9682714
> I mean if this is not possible that means anyone can download

Not really, or rather, not all the time.  Most of these require what are called Admin or System privelege. They take authority of user, who usually prefers to be in an admin group already so they can install easily themselves.

Better, to set even yourSelf up the other two IDs. One is your own separate ID as an Administrator as backup for mistakes, or tracking something in debug. The other is to give yourself less power, make yourself a regular user when not installing things, but accessing the internet.

Concerning the trojans, another thing they are is that they are executed, not usually among a bunch of downloaded files.

Where they are D/L'd, even for a 'guest' such as niece or nephew, they are part of perhaps an email system that requires write access to temp directories or Windows or something, so you sort of have to let them do just enough D/L to be danderous or there is nothing at all they can do on the system and they will go away in a huff.  Even trying to do a web browse, reading of internet files as for homework, the browser requires some tempory space available for downloading the webpages themselves, including som graphics, and maybe sound.  So you are stuck between a rock and a hard place there, if you cannot write to disk, then there's no mail, no internet, no game(save/net), no fun. So, why boher with a guest ID no one will want to use?

As I say, not easy to do entirely, but to keep them out of some places with the restrictions.
0
 
LVL 8

Expert Comment

by:nader alkahtani
ID: 9708134
- "I mean if this is not possible that means anyone can download a trojan horse or keylogger and infect the computer?? " 

- Yes if the files system is formatted with FAT32 or FAT16
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Nessus Scan 1 70
How to reinstall a 'Failed to install' Windows update 3 97
Penetration Testing home based work 3 73
Windows Password recovery 7 35
As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now