Solved

Guest Account.

Posted on 2006-10-25
2
381 Views
Last Modified: 2010-04-11
Hi!
I recently got a virus infection.
Think i got it from opening a mail.
My antivirus did not block it in time.

Anyway, have reformatted it.
As now is a new system, was initially thinking of setting this account to ONLY guest group.
As then this will NOT allow me ( guest account ) to write into registry and stuff like that.

I heard that some apps needs "write" access and was wondering if anyone can point the direction to me which are the ones needed.
Maybe like normal.dot? or something like that.

This computer is for office use.
So it wont be "installing" any apps very often.

Please advice.
Cheers!
Darence
0
Comment
Question by:darenceang
2 Comments
 
LVL 18

Accepted Solution

by:
PowerIT earned 25 total points
ID: 17802418
Use the tools from sysinternals to monitor the registry and file access of an application.
Regmon and filemon:
http://www.sysinternals.com/Utilities/Regmon.html
http://www.sysinternals.com/Utilities/Diskmon.html

What you are trying to implement is called 'user least privilige' and I'm glad you are doing it. From a security standpoint this is a very good idea.
But don't overdo it. A normal user account is also OK, guest is not required.

J.

0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 17802723
The Principal of least privilege can be hard to adjust to. There are tools like RunAs built into M$ win2k, XP, 2003, that will help you with this. When a program, like a setup.exe or setup.msi need to be run with a higher privilege, you can use runas to give that app admin rights so it can install or run. There are many games and other software that need to write to certain directories or to the registry that can't because the group the account is in doesn't have a high enough priv, runas will allow you to remain logged in as the same user, but run the app as a different user. I have a runas script that allows you to drag and drop a setup.exe for example on to the .vbs (or vbe if you encrypt the .vbs). The password is stored in the script itself, or you can simply use runas by right-clicking the program and select runas, then enter "administrator (or whatever admin account you'd like to use) then the password" or you can use runas from the command line.
http://www.xinn.org/RunasVBS.html
Here are some great tips and programs that can also help! http://nonadmin.editme.com/ 
http://nonadmin.editme.com/sudoWn 
http://sourceforge.net/project/showfiles.php?group_id=143653&package_id=157780&release_id=427299
http://launch-admin.sourceforge.net/
http://nonadmin.editme.com/UsefulTools
http://richrumble.blogspot.com/2006/08/anti-admin-vs-anti-virus.html
-rich
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
Data breaches are on the rise, and companies are preparing by boosting their cybersecurity budgets. According to the Cybersecurity Market Report (http://www.cybersecurityventures.com/cybersecurity-market-report), worldwide spending on cybersecurity …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question