May 21st, 2007, 12:59 PM
Multiple User Security
Hi, following on from this thread: http://antionline.com/showthread.php?t=275346
I thought it might be interesting to share thoughts and methods of implementing secure multiple user access?
I am not talking about the standard network stuff here; rather I am looking at situations where the same hardware assets have to be shared by a number of people.
To restrict the discussion to current situations I would suggest that we basically look at Win2000, XP and Vista................. or other OSes that are contemporary with them
What I am asking, is that where you have to share workstations, how do you do it? and why did you chose that particular method?
May 22nd, 2007, 12:33 AM
Some of the tips you mentioned I had already implemented. After my cousin hacked my laptop I went on a crusade to find out everything about it. All efforts were futile. Instead I started taking other measures to beef up the security. I ran across Novell Client. Do you think this may help me?
May 22nd, 2007, 06:17 PM
At the place where I work, we just use AD w/ roaming profiles to handle it. We also map their My Documents folder to a remote server, and pass the info through policy.
May 22nd, 2007, 06:58 PM
you are both talking about network security......
AOBaba.......you will need a novell server to run a novell client
I think what Nihil is looking for is more how do you secure your XP home machine when you have 4 kids and a spouse that use the same machine???
NTFS and Limited accounts, auto lock on when account becomes idle
Everyone has thier own "my docs\pics\music" area...which are inaccessible to the other accounts...unless you are all powerful admin ...which happens to be me
Admin account is only used for admin duties...I have a regular account....just like everone else.
Thats what I do
How people treat you is their karma- how you react is yours-Wayne Dyer
May 22nd, 2007, 08:48 PM
There are third party solutions such as this one, but I have no idea how good they are
May 22nd, 2007, 09:16 PM
Delstar is right on. Most places use AD with roaming profiles and for added security they have a secure server that has mapped drives for each user. It is pretty secure and quite convenient.
MLF I think you have a perfect setup for a home setup.
Nihil Im not sure how well how those things but what is the purpose for a program like that. I would rather logoff each time then use a program like that. As far as I know those types of programs are easy to get around because they are usually just a start up entry/ a service that runs in the background.
What I highly recommend for computers that have multiple users on them is DeepFreeze. (http://www.faronics.com) Any changes made to the system are reverted on reboot. You can make exceptions so each person could maintain their own personal folders but any thing that could be harmed outside of those folders is always restored on reboot.
May 22nd, 2007, 10:58 PM
I guess I can see a situation where multiple people are using the same thick client applications? Kind of like salespersons in stores or bartenders?
There you want to preserve an audit trail to the individual. I have normally seen this done with a physical key or token, though.
This sort of system for example will lock the user session when they remove their smartcard/token
Last edited by nihil; May 23rd, 2007 at 02:03 PM.
May 23rd, 2007, 04:21 PM
That would be cool if you had a smartcard. I have never actually seen a system with that setup on it but it would be convenient.
By tenzenryu in forum The Security Tutorials Forum
Last Post: November 4th, 2005, 07:10 PM
By \/IP3R in forum AntiOnline's General Chit Chat
Last Post: March 7th, 2005, 10:25 PM
By SDK in forum Miscellaneous Security Discussions
Last Post: December 1st, 2004, 12:45 AM
By gore in forum Operating Systems
Last Post: March 7th, 2004, 08:02 AM
By instronics in forum The Security Tutorials Forum
Last Post: February 5th, 2003, 10:04 AM