What is the residual risk of applying fairly strict domain wide security
policies on a LAN but leaving local security policy pretty much the default?
More specifically, a Windows 2000 server is running an Oracle database.
There is about 5 or 6 local admin accounts on the box (system admins and
a DBA or two); no general user accounts. The administrators logon
normally with their domain admin account; the Oracle DBA logs in
remotely with his local DBA account using either terminal services or VNC.
Physical access to the box is very restricted, so any potential
malicious user is going to have to get to the box remotely.
BR
------------------------------------------------------------------------
---
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
------------------------------------------------------------------------
---
What is the residual risk of applying fairly strict domain wide security
policies on a LAN but leaving local security policy pretty much the default?
More specifically, a Windows 2000 server is running an Oracle database.
There is about 5 or 6 local admin accounts on the box (system admins and
a DBA or two); no general user accounts. The administrators logon
normally with their domain admin account; the Oracle DBA logs in
remotely with his local DBA account using either terminal services or VNC.
Physical access to the box is very restricted, so any potential
malicious user is going to have to get to the box remotely.
BR
------------------------------------------------------------------------
---
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
------------------------------------------------------------------------
---
[ reply ]