[G3]-TechNews : Home| RSS | Atom | MSN | WAP

Article: Step-by-Step Guide: How to set up a VPN
Article: Download: Microsoft Monad (Beta)
Article: Building a 64-Bit Multimedia Workstation
Article: Coming Soon to Windows: The Microsoft Shell (MSH)
Article: How to Reset Win NT / 2000 / XP Administrator Password
Article: The Technology Behind Dual Core CPUs
Article: How-To: Wireless Network Security
Article: Article: PCI Express - technology backgrounder
Article: Tutorial: Access Hidden Files on Your iPod
Article: Troubleshooting drivers with XP's hidden Driver Verifier Manager
Article: How to Make a 5 in 1 Network Cable
Article: Comparison - Blu-ray & HD DVD
Article: Beginners Guides Linux : Part 1 | Part 2 | Part 3
Article: How To Crack WEP (Wired Equivalent Privacy)
Article: Email Addresses Spoofing.
Link: Free PHP ebook
Link: FREE ASP.NET books and eLearning course
Link: Free registration code for Opera 8.
Invitations: Gazzag (Here) | Yahoo! 360 (Here)  | Orkut (Here)

Windows XP's "Non-Admin Security".
Contributed by: G3nu1n3, at 6/23/2005 11:47:00 AM.

Microsoft is sparing no expense to spread the Least-privileged User Account security gospel ahead of next year's Longhorn launch, but a little-known fact-especially among IT administrators and end users-is that the technology is already available in the Windows operating system.

The LUA principle, also known as non-admin or minimum rights, is accepted within software security circles as a key to reducing damage from malicious hacker attacks, but on Windows systems, although the option is available, experts say end-user adoption remains "frighteningly low."

Looking to increase end-user and software developer awareness, Howard and a group of Microsoft developers have added information and tools on a non-admin Wiki aimed at Windows users.

On the Wiki, the Microsoft security gurus are sharing tips on how to set up non-admin accounts and explaining why widespread adoption can minimize the damage from rootkits, backdoors, keyloggers, adware, spyware, viruses and Trojans.

Howard stressed that user accounts with fewer privileges will greatly reduce the Windows "attack surface" and pointed out that several easy-to-use tools are available to help non-technical users find their way around the no-admin versus admin maze.

One of the tools, which was created by Howard, is the Drop My Rights utility that allows administrators to run Internet-facing applications—e-mail clients and Web browsers—as a non-administrator.

"If you're running as admin, you generally have a bucketload of privileges you will never use or never need. With Drop My Rights, you can run any command with lower privileges and do everyday chores without being at risk of having a nasty piece of malware take over your entire machine," he said.

The Wiki also provides simple instructions on how to tell if a machine is set to run as admin, how to give a user account temporary admin privileges, and how to force an application to always run with low privileges.

Windows users can also find an Internet Explorer toolbar that provides a color-coded display of the privilege level of running Windows processes.

Download: Drop My Rights Utlity (164 KB) | Instructions

Read Full Article: Here

To Read MOST UPDATED News Items browse to HOME page.


Post a Comment

<< Home

[G3]-TechNews : Home| RSS | Atom | MSN | WAP

Archives :

- Monthly Archives :

- Post Count: 1,783 before June 1, 2005. (Since: October 26, 2004)