HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 21 guests and 3 members online
EH-Net Donations

Enter Amount:
$
Google Ads
EH-Net News Feeds
Latest Additions
Book Recommendations



 
Advertisement

You are here: Home arrow Forum arrow Ethical Hacking Discussions and Related Certificationsarrow Network Pen Testingarrow Question on Net command.
Ethical Hacker Community Forums
January 07, 2009, 09:37:24 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: ChicagoCon 2-Day Ethical Hacking Conference with MS Blue Hats Oct 31 - Nov 1. Tickets Only $100! www.chicagocon.com/content/view/103/51/
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Question on Net command.  (Read 1430 times)
0 Members and 1 Guest are viewing this topic.
g00d_4sh
Sr. Member
****
Offline Offline

Posts: 296



View Profile
« on: December 07, 2007, 08:56:54 PM »
Question for you guys, since I'm not familiar off hand with this and my boss wants an answer.  What are the threats of non-admin accounts having access to the Net command, and how serious is it?  We have a policy comming down from DOI appearently wanting us to restrict Net command to just admin accounts, but it would screw with some of the visual basic scripts we use.  So... how serious a threat is it and so forth.  Any help would be highly appreciated.
Logged
"Bad.. Good?  I'm the guy with the gun"
Kev
Sr. Member
****
Offline Offline

Posts: 359


View Profile
« Reply #1 on: December 08, 2007, 08:28:02 AM »
If you have good security and policies in place, there should not be a problem.
Logged
ChrisG
EH-Net Columnist
Hero Member
*****
Online Online

Posts: 1049


View Profile WWW
« Reply #2 on: December 08, 2007, 10:34:33 AM »
Quote from: Kev on December 08, 2007, 08:28:02 AM
If you have good security and policies in place, there should not be a problem.

mean appropriate account permissions, if everyone has admin rights, you may have a problem with the net command because users could make all kinds of changes on the command line
Logged
...tests i took go here...

http://carnal0wnage.blogspot.com/
g00d_4sh
Sr. Member
****
Offline Offline

Posts: 296



View Profile
« Reply #3 on: December 08, 2007, 03:00:20 PM »
So basically, there is no real reason to restrict the Net command from non Admin accounts?  Due to my suggestion we are stripping local admin rights from the vast majority of our users.  Appearently our higher ups from Washington want us to also restrict the Net command so that no 'non' admin accounts can access or use it.  We have scripts we set up for users to accomplish certain tasks and appearently they require the Net command.  Anyway, so you guys are saying there is really no reason to restrict the Net command from non admin accounts, and that it posses no real risk?
Logged
"Bad.. Good?  I'm the guy with the gun"
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.7 | SMF © 2006-2008, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.042 seconds with 23 queries.
 
Sponsors

cwnp_moto__120x90.gif

Polls
How many security events including conferences and training do you attend a year:
 
Support EH-Net

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.
cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!
Recent Forum Topics
Vote For EH-Net

progenic.com
Click here to Vote!

binarica.com
Binarica Logo

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2009 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.