{"id":117,"date":"2007-02-17T21:45:51","date_gmt":"2007-02-17T21:45:51","guid":{"rendered":"http:\/\/dalelane.co.uk\/blog\/?p=117"},"modified":"2007-02-17T22:02:58","modified_gmt":"2007-02-17T22:02:58","slug":"safer-email-and-web-browsing-with-psexec","status":"publish","type":"post","link":"https:\/\/dalelane.co.uk\/blog\/?p=117","title":{"rendered":"Safer email and web browsing with psexec"},"content":{"rendered":"<p>When using Windows, I log on with an &#8216;Administrator&#8217; account. I know that this isn&#8217;t too clever &#8211; I&#8217;d never log on as &#8216;root&#8217; on my Linux box all day. And it doesn&#8217;t take much searching to find a dozen pages which <a href=\"http:\/\/www.awprofessional.com\/articles\/article.asp?p=409919&#038;rl=1\" title=\"don't run as administrator\" target=\"_blank\">advise against it<\/a> as it leaves me more at risk from malware and various other problems. <\/p>\n<p>But I do it because it&#8217;s just too much hassle to run as a normal user. Some apps I rely on need Admin access to run, and other limitations make me think that I need to be Administrator.<\/p>\n<p>The biggest risk is with Internet-facing applications. Any malware that I pick up gets to run with my credentials &#8211; as Administrator. So as a compromise, I run Internet-facing applications with limited credentials. If malware slips in, at least it doesn&#8217;t get to run as Administrator. I do this with a free Sysinternals tool, <a href=\"http:\/\/www.microsoft.com\/technet\/sysinternals\/Security\/PsExec.mspx\" title=\"psexec\" target=\"_blank\">psexec<\/a>. <\/p>\n<p><!--more-->I&#8217;ve altered the shortcuts on my quick-launch bar that launch Outlook and Firefox so that they point at psexec, and use psexec to run the app instead. 
<\/p>\n<p>For example:<\/p>\n<pre><code>\"C:\\Program Files\\Sysinternals\\psexec.exe\" -l -d \"C:\\Program Files\\Microsoft Office\\Office11\\OUTLOOK.EXE\"\r\n\"C:\\Program Files\\Sysinternals\\psexec.exe\" -l -d \"C:\\Program Files\\Mozilla Firefox\\firefox.exe\"<\/code><\/pre>\n<p><code>-l<\/code> gets psexec to run a process as a <strong>limited user<\/strong><br \/>\n<code>-d<\/code> gets psexec not to wait around after the Internet app is launched<\/p>\n<p>(My shortcuts point at psexec, but I change the icon so that they look like the app included in the shortcut&#8217;s target field.)<\/p>\n<p>My Internet access is a little safer, and I feel a little less guilty about running as Administrator. <\/p>\n<p><strong>Note:<\/strong> I actually picked up this tip from <a title=\"wikipedia profile\" target=\"_blank\" href=\"http:\/\/en.wikipedia.org\/wiki\/Mark_Russinovich\">Mark Russinovich<\/a> last June at a <a href=\"http:\/\/www.sysinternals.com\/troubleshooting.html\" target=\"_blank\" title=\"Windows Internals and Advanced Troubleshooting\">Windows Internals<\/a> course &#8211; back before he became a Microsoftie. <\/p>\n<p>I&#8217;ve been using it ever since, but thought I&#8217;d mention it today after reading an <a href=\"http:\/\/blogs.technet.com\/markrussinovich\/archive\/2007\/02\/12\/638372.aspx\" title=\"PsExec, User Account Control and Security Boundaries\" target=\"_blank\">article on Mark&#8217;s blog<\/a> on the train today, in which he talks about the changes in this area that Windows Vista brings. It&#8217;s an interesting post &#8211; and worth a read. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>When using Windows, I log on with an &#8216;Administrator&#8217; account. I know that this isn&#8217;t too clever &#8211; I&#8217;d never log on as &#8216;root&#8217; on my Linux box all day. 
And it doesn&#8217;t take much searching to find a dozen pages which advise against it as it leaves me more at risk from malware and various [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-117","post","type-post","status-publish","format-standard","hentry","category-tech"],"_links":{"self":[{"href":"https:\/\/dalelane.co.uk\/blog\/index.php?rest_route=\/wp\/v2\/posts\/117","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dalelane.co.uk\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dalelane.co.uk\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dalelane.co.uk\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dalelane.co.uk\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=117"}],"version-history":[{"count":0,"href":"https:\/\/dalelane.co.uk\/blog\/index.php?rest_route=\/wp\/v2\/posts\/117\/revisions"}],"wp:attachment":[{"href":"https:\/\/dalelane.co.uk\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=117"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dalelane.co.uk\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=117"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dalelane.co.uk\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=117"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}