Re: [ISN] Who gets your trust? (fwd)

From: mea culpa (jericho@DIMENSIONAL.COM)
Date: Thu Jan 20 2000 - 14:25:07 CST


Reply From: Chris Brenton <cbrenton@sover.net>

> They
> just wanted to set up a root account with a different environment. That's
> not hacking, right? Wrong. Their intention did not matter -- the security
> of the system has been bypassed.

Hummm, so I guess everyone who has ever set up a dedicated account for
performing back-ups is now a hacker, right? ;)

I also take issue with the statement "intention did not matter". Intent is
everything, otherwise I would consider every user who has accidentally
deleted a file a destructive anarchist. There is a big difference between
stupidity and malicious intent.

Also, where does this author get off making the blanket statement that
setting up an alternate account with god rights is bypassing the system
security??? I see, it's better to have everyone logon at the console as
Admin so you have no traceability as to who does what with the account.
At least by elevating privileges for an admin's personal account you have
some traceability as to what they were doing. In the NT & NetWare world I
personally like to completely disable the Admin account so support people
are forced to use their own accounts (and thus are tracked and logged). So
how is this bypassing security???

> This article discusses how administrative privileges can be abused and
> suggests some methods for countering that abuse.

IMHO this sounds like "you don't have to trust your admins, just use these
tools". So who besides the networking staff has the skill set to actually
run these tools? Oh ya, and if the Admins have god rights what's to stop
them from disabling the tools, humm? Either you trust these people or you
do not. If you don't, replace them.

I know, you can bring in third party consultants to install the tools! Oh
wait, how do you know you can trust them either? ;)

> It is not meant to imply
> that every administrator abuses privileges or has malicious intent -- just
> that you shouldn't assume anything.

I've also seen HR people reviewing 401K statements to estimate an
employee's worth and accounting people digging to find out who makes more
than they do. What's your point? *Anyone* with access to information or
resources is capable of abusing their authority. It has nothing to do with
whether they run the network or not.

Cheers,
Chris
--
**************************************
cbrenton@sover.net

* Multiprotocol Network Design & Troubleshooting
http://www.amazon.com/exec/obidos/ASIN/0782120822/geekspeaknet
* Mastering Network Security
http://www.amazon.com/exec/obidos/ASIN/0782123430/geekspeaknet
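The two points argued back and forth in this exchange, a second UID-0 (or Admin-equivalent) account versus per-person accountability, are easy to check for on a Unix host. The script below is an added example written for this archive page; it is not Chris Brenton's code and not from the article he is replying to. It parses a constructed `/etc/passwd` sample to list every account that shares UID 0 with root (the "alternate root account" the quoted article objects to, or the dedicated backup account Chris mentions), and parses constructed sudo-style syslog lines to show the per-user trail you get when support staff must use their own accounts. The log format, hostnames and user names are all invented sample data.

```python
"""Added example (not part of the original mailing-list post): audit a passwd
file for extra UID-0 accounts and show per-user traceability in a sudo log.
Every input below is constructed sample data, not taken from any real host."""

from dataclasses import dataclass
import re

# Constructed passwd sample: root, a dedicated UID-0 backup account of the
# kind discussed in the thread, and two ordinary users.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
backup:x:0:0:dedicated backup account:/var/backups:/bin/sh
alice:x:1001:1001:Alice:/home/alice:/bin/bash
bob:x:1002:1002:Bob:/home/bob:/bin/bash
"""

# Constructed sudo-style syslog lines (format modelled on sudo's default
# syslog output; host, users and commands are invented).
SAMPLE_SUDO_LOG = """\
Jan 20 14:01:02 host sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/sbin/useradd backup
Jan 20 14:05:17 host sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/tar -czf /var/backups/etc.tgz /etc
Jan 20 14:07:44 host sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/passwd backup
"""


@dataclass
class PasswdEntry:
    name: str
    uid: int
    gid: int
    shell: str


def parse_passwd(text):
    """Parse passwd-format lines into PasswdEntry records, skipping malformed ones."""
    entries = []
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            continue  # malformed line: skip rather than guess at fields
        entries.append(PasswdEntry(fields[0], int(fields[2]), int(fields[3]), fields[6]))
    return entries


def uid0_aliases(entries):
    """Names of accounts that share UID 0 with root: a shared-identity risk,
    since actions by any of them are attributed to the same kernel identity."""
    return [e.name for e in entries if e.uid == 0 and e.name != "root"]


# Matches the invoking user, target user and command in a sudo syslog line.
SUDO_RE = re.compile(r"sudo:\s+(?P<user>\S+) : .*USER=(?P<target>\S+) ; COMMAND=(?P<cmd>.*)$")


def commands_by_user(log_text):
    """Map each invoking user to the privileged commands logged under their name.
    This is the traceability that a shared Admin/root login cannot give you."""
    result = {}
    for line in log_text.splitlines():
        m = SUDO_RE.search(line)
        if not m:
            continue
        result.setdefault(m.group("user"), []).append(m.group("cmd"))
    return result


def who_ran(log_text, needle):
    """Sorted list of users whose logged privileged commands contain `needle`."""
    return sorted(
        user for user, cmds in commands_by_user(log_text).items()
        if any(needle in cmd for cmd in cmds)
    )


if __name__ == "__main__":
    entries = parse_passwd(SAMPLE_PASSWD)
    print("UID-0 accounts besides root:", uid0_aliases(entries))
    for user, cmds in commands_by_user(SAMPLE_SUDO_LOG).items():
        print(f"{user}: {len(cmds)} privileged command(s)")
    print("who ran useradd:", who_ran(SAMPLE_SUDO_LOG, "useradd"))
```

Run against a real `/etc/passwd` and `/var/log/auth.log` (or wherever sudo logs on the host), the first function tells an auditor which extra UID-0 accounts exist so they can be reviewed rather than assumed malicious, and the second answers the question Chris raises: which named person did what with elevated rights.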

ISN is sponsored by Security-Focus.COM