+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 21
Windows Thread, Application security options in Technical; ............
  1. #1
    broken_url's Avatar
    Join Date
    Mar 2008
    Location
    Cape Town
    Posts
    1
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Application security options

    .........
    Last edited by broken_url; 15th May 2008 at 04:23 PM.

  2. #2

    Join Date
    Mar 2007
    Location
    Central Scotland
    Posts
    829
    Thank Post
    12
    Thanked 8 Times in 8 Posts
    Rep Power
    19
    What application? Otherwise you'll probably never get an answer.

  3. #3
    kesomir's Avatar
    Join Date
    Mar 2008
    Location
    London
    Posts
    288
    Thank Post
    15
    Thanked 28 Times in 23 Posts
    Rep Power
    18
    I'm not sure I understand your problem.

    Are you talking about running ranger admin on a client machine under your normal user account? What is the primary usergroup for that account? are the required security settings enabled for that user account in ranger? What do you mean by "full-control"?

    If you can access the ranger admin panel from a client machine, then your account's primary usergroup must have been granted access via the ranger admin panel - afaik there isn't a limited access mode for the ranger admin panel.

    Are you the administrator?

    The sentinel forums can be useful - if a solution isn't apparent from either the knowledgebase or admin manual.

  4. #4
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,205
    Thank Post
    394
    Thanked 278 Times in 239 Posts
    Rep Power
    74
    I think Ranger Account Manager has a limited staff mode that is set using a config file. Can't remember more detail but there should be something on the Ranger site.

  5. #5
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,205
    Thank Post
    394
    Thanked 278 Times in 239 Posts
    Rep Power
    74
    Where did you get the admin utility?


    So let me get this straight you're saying you're a student or staff member not allowed to use the Ranger Admin Utility but you want to use it? Is that not a breach of your acceptable use agreement?
    Last edited by cookie_monster; 12th May 2008 at 05:45 PM.

  6. #6
    joe90bass's Avatar
    Join Date
    Oct 2007
    Location
    S Wales
    Posts
    1,352
    Thank Post
    325
    Thanked 107 Times in 96 Posts
    Rep Power
    51
    Can I ask what your role is in the school? If you only have a limited account are you are a techie? If so can't the NM or another techie give you access to Ranger admin?

  7. #7
    kesomir's Avatar
    Join Date
    Mar 2008
    Location
    London
    Posts
    288
    Thank Post
    15
    Thanked 28 Times in 23 Posts
    Rep Power
    18
    I'd be interested to hear the specifics. Can you attach these "batch files and things"?

    If you can't access cmd, it's unlikely that ranger would permit executing batch scripts - that is after all, the whole point of ranger.

  8. #8
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,205
    Thank Post
    394
    Thanked 278 Times in 239 Posts
    Rep Power
    74
    I think broken_url is saying that they have already used bat files to search network shares so ranger clearly isn't stopping that.


    @broken_url, CMD prompt can be stopped by Ranger or Group policy but the bat files still run via command.com



    you can exactly do much with a Read-Only program can you
    How do you mean read only most executable files are 'read only' as in you don't need to alter them to run them.
    Last edited by cookie_monster; 12th May 2008 at 06:54 PM.

  9. #9
    meastaugh1's Avatar
    Join Date
    Jul 2006
    Location
    London/Hertfordshire
    Posts
    890
    Thank Post
    69
    Thanked 85 Times in 70 Posts
    Rep Power
    32
    Is it a good idea to be assisting a student (going by post content, the lack of any other posts) to circumvent the school's security?

    it doesnt really matter how i got to the program, i just need to give myself full access

  10. #10
    kesomir's Avatar
    Join Date
    Mar 2008
    Location
    London
    Posts
    288
    Thank Post
    15
    Thanked 28 Times in 23 Posts
    Rep Power
    18
    Would have liked to have seen an example of one of the batch files though.

    @broken_url what school?

  11. #11
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,205
    Thank Post
    394
    Thanked 278 Times in 239 Posts
    Rep Power
    74
    I did point out this issue
    Is that not a breach of your acceptable use agreement?
    I don't believe i/we have provided any technical assistance and there really isn't anything in the Ranger folder that can cause harm without admin rights.

  12. #12
    azrael78's Avatar
    Join Date
    Sep 2007
    Location
    Devon
    Posts
    383
    Thank Post
    47
    Thanked 37 Times in 33 Posts
    Rep Power
    21
    Quote Originally Posted by broken_url View Post
    Basicly, i need to know if there is any way i can change the programs security options on an account that cant change it, in other words a batch file? or VB Script? that can change it without the admin doing so, it doesnt really matter how i got to the program, i just need to give myself full access because at the moment its Read-Only and you can exactly do much with a Read-Only program can you.
    In short:
    1) You can't 'hack' rights to a program that you don't have access to.
    2) It's clear that you shouldn't be even doing this - I understand that students can get curious and such - but the program is locked for a reason.

    If you really want it to work - venture toward a career in IT, take the exams, get a job and then you will be on the other side of the fence, you will be wanting to keep people out of your system, not try to find ways in.

    Az

  13. #13
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,205
    Thank Post
    394
    Thanked 278 Times in 239 Posts
    Rep Power
    74
    You can't that's the point not without elevating your user rights i.e hacking the network or using someone’s admin account.

    Both which i'm sure will be forbidden by your acceptable user agreement and against the law.

  14. #14

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    I think your wasting your time here trying to get Ranger to run under your limited account. Ranger relies on the underlying active directory security levels to work, as such your better off attempting to compromise AD directly.

    You can do this a variety of ways, however in a school environment the simplest methods are usually the best. i.e. good old fashioned social engineering. Keep an eye out for teachers leaving computers logged on unattended or putting their passwords on post-it notes or notebooks. Be aware that machines that are in areas that pupils don't go usually have higher access to the network than those in classrooms. It's much higher personal risk, but with a much better payoff. Googling for social engineering will give you some ideas on how to pull this off effectively.

  15. #15

    elsiegee40's Avatar
    Join Date
    Jan 2007
    Location
    Kent
    Posts
    9,629
    Thank Post
    1,813
    Thanked 2,225 Times in 1,643 Posts
    Rep Power
    800
    Quote Originally Posted by Geoff View Post
    I think your wasting your time here trying to get Ranger to run under your limited account. Ranger relies on the underlying active directory security levels to work, as such your better off attempting to compromise AD directly.

    You can do this a variety of ways, however in a school environment the simplest methods are usually the best. i.e. good old fashioned social engineering. Keep an eye out for teachers leaving computers logged on unattended or putting their passwords on post-it notes or notebooks. Be aware that machines that are in areas that pupils don't go usually have higher access to the network than those in classrooms. It's much higher personal risk, but with a much better payoff. Googling for social engineering will give you some ideas on how to pull this off effectively.



    Milton Keynes EduGeeks with Ranger on their sytems... BEWARE!

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Backup options
    By lemonstar in forum Network and Classroom Management
    Replies: 5
    Last Post: 20th April 2008, 06:57 PM
  2. Wireless options
    By djones in forum Wireless Networks
    Replies: 7
    Last Post: 9th January 2008, 03:39 PM
  3. Shut Down Options
    By tomlin in forum How do you do....it?
    Replies: 9
    Last Post: 7th October 2007, 12:59 AM
  4. NAS options
    By dave.81 in forum Hardware
    Replies: 8
    Last Post: 31st August 2007, 10:23 AM
  5. Mobile Security Application
    By Nij.UK in forum General Chat
    Replies: 1
    Last Post: 22nd August 2007, 02:39 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •