-
October 27th, 2008, 02:36 PM
#11
You still did not quite cover MLF's questions
What was executed ...with administrator privledges...on a server?? and how?
What was the role of this server??
How did the lack of a AV cause an infection?? It is a reactive approach?
Both our servers are logged on with ADMINISTRATOR at all times. Dont ask my why. I believe it started duplicating files on a share that the marketing department uses and then just spread like wild fire.
There is no problem with leaving a server logged on as administrator, in fact it can prevent a console remote login by another user (although security policies should be preventing this anyway)..... In saying that, if the server is left unattended, the user should lock the computer, requiring to enter the password again to access.
Also, depending on software installed, it may need a user account logged on to work (Read: Application based feed Vs. Installed Service)
Last edited by CybertecOne; October 27th, 2008 at 02:39 PM.
"Any intelligent fool can make things bigger and more complex... It takes a touch of genius --- and a lot of courage to move in the opposite direction."
- Albert Einstein
Similar Threads
-
By C:\Saw in forum Operating Systems
Replies: 5
Last Post: February 20th, 2008, 07:26 PM
-
By acdspit00 in forum AntiOnline's General Chit Chat
Replies: 25
Last Post: September 8th, 2006, 10:33 AM
-
By treanglin in forum Security News
Replies: 1
Last Post: August 17th, 2006, 02:59 PM
-
By muert0 in forum Operating Systems
Replies: 1
Last Post: August 27th, 2004, 03:14 AM
-
By tampabay420 in forum Programming Security
Replies: 2
Last Post: February 14th, 2003, 02:36 PM
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|