Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Windows Service Accounts and Password Expiration

from [Jack Mogren] Network Security [Permanent Link]
Subject: Windows Service Accounts and Password Expiration
Date: 28 Apr 2005 15:46:21 -0000 


  Our security policies and standards have always required passwords to expire, 
requiring account owners to change the passwords on a specific periodic basis.  
We also have standards for when generic or trusted accounts are acceptable.  
For instance, we deem the use of generic accounts acceptable in purely machine 
- to - machine batch processes.  Still we require certain criteria, including 
password expiration.
  In the Windows server world there are generic accounts called "Service" 
accounts.  "A rose by any other name ......."  Until recently, so-called 
"service" accounts have slipped by this requirement.  But system admin folks 
have become more security aware (thank you very much) and some are starting to 
ask the question.  Should Windows "service" accounts be required to have 
password expiration?  I'm getting good arguments from both sides of the issue.  
Application availability VS adherance to standards, industry best practices, 
etc.  Keep in mind that we are in a patient care environment.  Any thoughts 
from the list?

- Jack
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Windows Service Accounts and Password Expiration, Jack Mogren <=
Previous by Date:  RE: how to block ALL AIM traffic ?, Evan Littmann
Next by Date:  RE: block MSN Messenger, Bruyere, Michel
Previous by Thread:  Re: Secure web site access and PKI Certs, Scott Schwendinger
Next by Thread:  software to control domain administrators, Diego Teijeiro Ruiz
Indexes:  [Date] [Thread] [Top] [All Lists]