Can a limited user account help sequrity?
Results 1 to 8 of 8

Thread: Can a limited user account help sequrity?

  1. #1
    Junior Member
    Join Date
    Jan 2004
    Posts
    2

    Question Can a limited user account help sequrity?

    Most viruses/trojans install in the background and make changes to system files and the registry.
    So if I log on my pc at home as a user with a limited account is a way that I can avoid being hit by a virus/trojan that instals silent with changes in the system files and the registry, because I dont have the privilege to make all those changes?
    And I'm talking for viruse/trojan that can come not only from a file inside a cd or from my pc but also from internet, you know irc, p2p, etc......
    And if this is true, thats a good way to protect from beeing hacked or infected, isn't it?...

  2. #2
    Senior Member
    Join Date
    Dec 2002
    Posts
    275
    Yes, using a less privileged account will definately help you avoid that. As long as you use a limited account for everyday tasks and scan everything you want to install with your antivirus you should be good to go. Took me a little while to get used to a limited account but now I wouldn't have it any other way.

  3. #3
    Junior Member
    Join Date
    Jan 2004
    Posts
    14
    It will take you a while to get used to the limited features of a limited account but you'll come to realize that it's a smart idea.

    I would recommend only using the administrator account when having to make system-wide changes or when you have to install a program that requires that the user have administrator rights.

    Although the precaution may seem st00pid, it'll pay off in the future if, *by any chance*, you get some sort of malicious code stuck in your computer.

    Happy BHH (Black Hat Hunting) and Happy WHH (White Hat Hacking)

  4. #4
    Junior Member
    Join Date
    Jan 2004
    Posts
    2
    Also, using a limited user account, helps to increase system performance, because it loads fewer services than administrator's account, so you release system resources.
    But my question is this.
    The system changes are not allowed to be done from the user (you can't delet, change or modify registry or system files if your not the administrator)but a virus/trojan that runs and copies by itself, (you know not by the user's action) will still be stoped and not allowed to make system/registry changes by the system, because of the limited account rights?

  5. #5
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    this will stop some but not all. some get in and operate with "system" privilages. you can not do one thing and consider your self safe. you need AV and Firewall software along with all the security tweaks you can find.

    i really recomend downloading the cleaner. not to check for trojans so much but because it comes with a registry checker that does not allow unauthorized changes to the registry. even if you get the trial version the reg checker stays working even after the trojan cleaner expires
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  6. #6
    Senior Member
    Join Date
    Aug 2003
    Posts
    1,019
    Just to reinforce Tedob1 (not that he needs it, his suggestions are worth following), protecting the registry from changes is IMO very important. One other application I have had good luck with is regprot: http://www.diamondcs.com.au/index.php?page=regprot

    It also prevents unauthorized changes to the registry. I have not tried the cleaner myself, but it is mentioned many times here, so I have to assume it does the job also.

  7. #7
    Yes, that's my CC number! 576869746568617's Avatar
    Join Date
    Dec 2003
    Location
    Earth
    Posts
    397
    If you're using XP home, you also have a few accounts that need to be dealt with. Bring up a command line and type "net users". This will list all the accounts on the machine. You won't be able to delete "Administrator" or "Guest", but you can delete "HelpAssistant" and "Support"
    Just type "net account %accountname% /delete"

    Nest, Type "control userpasswords2" and change the name of "Administrator" to something that looks more like a basic user account name and change the password to a strong one (8 characters, alphanumeric and special characters). Do the same with "Guest". (yes, I know they are disabled, but that doesn't make them crackproof)

    That will help lock it down a little more.

  8. #8
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    Hi,

    Try hardening it up a bit?

    http://www.analogx.com/ "Script defender" or: http://Keir.net/software.html "Scrip Trap"

    These intercept attempt to run popular scripts (malware?) from where they should not

    Then: http://www.bitdefender.com/

    This is an AV providers site but they do specific protections for popular P2P software as well as free AV for Windows/Linux/DOS

    This stuff is all free to private users at least.

    Failing that, you could always try Viagra eye drops..............at least they would make your system "look hard"

    Cheers
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides