Solved

Guest Account.

Posted on 2006-10-25
Last Modified: 2010-04-11
Hi!
I recently got a virus infection.
Think I got it from opening a mail.
My antivirus did not block it in time.

Anyway, have reformatted it.
As now is a new system, was initially thinking of setting this account to ONLY guest group.
As then this will NOT allow me ( guest account ) to write into registry and stuff like that.

I heard that some apps need "write" access and was wondering if anyone can point the direction to me which are the ones needed.
Maybe like normal.dot? or something like that.

This computer is for office use.
So it won't be "installing" any apps very often.

Please advise.
Cheers!
Darence
Question by:darenceang
2 Comments
 

Accepted Solution

by:
PowerIT earned 25 total points
ID: 17802418
Use the tools from Sysinternals to monitor the registry and file access of an application.
Regmon and Filemon:
http://www.sysinternals.com/Utilities/Regmon.html
http://www.sysinternals.com/Utilities/Diskmon.html

What you are trying to implement is called 'user least privilege' and I'm glad you are doing it. From a security standpoint this is a very good idea.
But don't overdo it. A normal user account is also OK, guest is not required.

J.
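
One way to work through a saved Regmon or Filemon log and list what a limited account was refused, so that write access can be granted only where an application needs it. This is an added example, not part of the original answer. It assumes a tab-delimited export with the column order shown in `COLUMNS` and treats any result containing "DENIED" as a denial; the sample lines, paths and the `ACCOUNTS.EXE` process name are constructed.

```python
import csv
import io
from collections import Counter

# Assumed column order of a saved, tab-delimited Regmon/Filemon log.
COLUMNS = ("seq", "time", "process", "request", "path", "result", "other")

# Constructed sample lines (not captured from a real system).
SAMPLE_LOG = (
    "1\t10:01:02\tWINWORD.EXE:1234\tOPEN\tC:\\Docs\\user\\Templates\\Normal.dot\tSUCCESS\t\n"
    "2\t10:01:03\tACCOUNTS.EXE:2001\tWRITE\tC:\\Program Files\\Accounts\\data.ini\tACCESS DENIED\t\n"
    "3\t10:01:03\tACCOUNTS.EXE:2001\tSetValue\tHKLM\\Software\\Accounts\\LastRun\tACCDENIED\t\n"
    "4\t10:01:04\tACCOUNTS.EXE:2001\tWRITE\tC:\\Program Files\\Accounts\\data.ini\tACCESS DENIED\t\n"
    "5\t10:01:05\tACCOUNTS.EXE:2001\tQueryValue\tHKCU\\Software\\Accounts\\Theme\tNOT FOUND\t\n"
)


def denied_accesses(log_text):
    """Count denied operations per (process, request, path).

    Any result containing 'DENIED' is treated as a denial; lines with
    fewer columns than expected are skipped rather than guessed at.
    """
    counts = Counter()
    for fields in csv.reader(io.StringIO(log_text), delimiter="\t",
                             quoting=csv.QUOTE_NONE):
        if len(fields) < len(COLUMNS) - 1:   # 'other' may be missing
            continue
        row = dict(zip(COLUMNS, fields))
        if "DENIED" in row["result"].upper():
            process = row["process"].split(":")[0]   # drop the PID
            counts[(process, row["request"], row["path"])] += 1
    return counts


def report(counts):
    """Return one line per denied target, most frequent first."""
    return [f"{n:3d}  {proc}  {req}  {path}"
            for (proc, req, path), n in counts.most_common()]


if __name__ == "__main__":
    print("\n".join(report(denied_accesses(SAMPLE_LOG))))
```

Each reported path is a candidate for a narrowly scoped permission change on that one file or key, rather than a reason to put the account back in the Administrators group.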


Expert Comment

by:Rich Rumble
ID: 17802723
The principle of least privilege can be hard to adjust to. There are tools like RunAs built into M$ Win2k, XP, 2003 that will help you with this. When a program, like a setup.exe or setup.msi, needs to be run with a higher privilege, you can use runas to give that app admin rights so it can install or run. There are many games and other software that need to write to certain directories or to the registry that can't because the group the account is in doesn't have a high enough priv; runas will allow you to remain logged in as the same user, but run the app as a different user. I have a runas script that allows you to drag and drop a setup.exe, for example, onto the .vbs (or .vbe if you encrypt the .vbs). The password is stored in the script itself, or you can simply use runas by right-clicking the program and selecting runas, then entering "administrator" (or whatever admin account you'd like to use), then the password, or you can use runas from the command line.
http://www.xinn.org/RunasVBS.html
Here are some great tips and programs that can also help! http://nonadmin.editme.com/
http://nonadmin.editme.com/sudoWn  
http://sourceforge.net/project/showfiles.php?group_id=143653&package_id=157780&release_id=427299
http://launch-admin.sourceforge.net/
http://nonadmin.editme.com/UsefulTools
http://richrumble.blogspot.com/2006/08/anti-admin-vs-anti-virus.html
-rich