Solved

Guest Account.

Posted on 2006-10-25
2
383 Views
Last Modified: 2010-04-11
Hi!
I recently got a virus infection.
Think i got it from opening a mail.
My antivirus did not block it in time.

Anyway, have reformatted it.
As now is a new system, was initially thinking of setting this account to ONLY guest group.
As then this will NOT allow me ( guest account ) to write into registry and stuff like that.

I heard that some apps needs "write" access and was wondering if anyone can point the direction to me which are the ones needed.
Maybe like normal.dot? or something like that.

This computer is for office use.
So it wont be "installing" any apps very often.

Please advice.
Cheers!
Darence
0
Comment
Question by:darenceang
2 Comments
 
LVL 18

Accepted Solution

by:
PowerIT earned 25 total points
ID: 17802418
Use the tools from sysinternals to monitor the registry and file access of an application.
Regmon and filemon:
http://www.sysinternals.com/Utilities/Regmon.html
http://www.sysinternals.com/Utilities/Diskmon.html

What you are trying to implement is called 'user least privilige' and I'm glad you are doing it. From a security standpoint this is a very good idea.
But don't overdo it. A normal user account is also OK, guest is not required.

J.

0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 17802723
The Principal of least privilege can be hard to adjust to. There are tools like RunAs built into M$ win2k, XP, 2003, that will help you with this. When a program, like a setup.exe or setup.msi need to be run with a higher privilege, you can use runas to give that app admin rights so it can install or run. There are many games and other software that need to write to certain directories or to the registry that can't because the group the account is in doesn't have a high enough priv, runas will allow you to remain logged in as the same user, but run the app as a different user. I have a runas script that allows you to drag and drop a setup.exe for example on to the .vbs (or vbe if you encrypt the .vbs). The password is stored in the script itself, or you can simply use runas by right-clicking the program and select runas, then enter "administrator (or whatever admin account you'd like to use) then the password" or you can use runas from the command line.
http://www.xinn.org/RunasVBS.html
Here are some great tips and programs that can also help! http://nonadmin.editme.com/ 
http://nonadmin.editme.com/sudoWn 
http://sourceforge.net/project/showfiles.php?group_id=143653&package_id=157780&release_id=427299
http://launch-admin.sourceforge.net/
http://nonadmin.editme.com/UsefulTools
http://richrumble.blogspot.com/2006/08/anti-admin-vs-anti-virus.html
-rich
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
February 24, 2017 — On February 23, Travis Ormandy, a vulnerability researcher at Google, reported on Twitter (https://twitter.com/taviso/status/834900838837411840) that massive stores of data have been leaked by CloudFlare, a company that provide…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question