× Welcome to SGCyberSecurity forum!

Feel free to discuss any topics relating to cybersecurity with the rest of the security community in this forum.

Topic-icon Bypassing company's security policies

10 years 3 months ago #1264 by o_quinton7

hi folks, just want to find out if there r ways to bypass company's security policies which r pushed down to computers? i just want to test out if i push down a policy (E.g. to prevent user from installing programs), how can user bypass?

Please Log in or Create an account to join the conversation.

9 years 4 months ago #1265 by o_icemanssl22

As long the end user have "Local Admins" right to the machine; the computer simply assume that he/she has full control of the machine. (see the weakness!)

Same theory applies to the others default roles on the local machine. They have certain level of rights to write/read to the registry keys.

GPO is never be the only answer to secure your computer in your environment.

 

Please Log in or Create an account to join the conversation.

9 years 4 months ago #1266 by o_quinton7

So if user doesn't have local admin rights then they can't bypass right?

Please Log in or Create an account to join the conversation.

9 years 4 months ago #1272 by o_icemanssl22

In theory, that's correct.

Remember: Lot of smart users out there know how to decrypt or reset the local admin password without admin knowing. Just take note. Cheers!

Please Log in or Create an account to join the conversation.

9 years 4 months ago #1274 by o_ronnie101

decrypt or reset admin password? is there such technique?

Please Log in or Create an account to join the conversation.

9 years 4 months ago #1275 by o_icemanssl22

Example:

Decrypt the local Administrator password using the public decrypt key from:

msdn.microsoft.com/en-us/library/2c15cbf....aspx#endNote2?›???

Cheers!

Please Log in or Create an account to join the conversation.