Orion is our internal benefit to implementing WMI, but the outside people coming in and wanting to use it to gather some mysterious, as of yet undefined, information is what concerns us.
>>> Steven Peck <sep...@gmail.com> 8/3/2010 11:21 AM >>> Oh. Orion. Yes, that response is somehow not a surprise to me. On Tue, Aug 3, 2010 at 11:15 AM, Joseph Heaton <jhea...@dfg.ca.gov> wrote: > 1. Yes, we are required to do this. It's supposed to be for information > gathering only, but we're trying to cover our backsides, in case they mess > something up. > Yes, we can gain benefit, in that we can use this to get WMI access for > our Orion product. > 2. Documentation is a difficult thing. The wording of their message is such > that they feel it's not a big deal for us to just give them a domain admin > account to play with. > >>>> Steven Peck <sep...@gmail.com> 8/3/2010 10:49 AM >>> > To be honest the real questions are; > 1. Are you required to do this? (Usually yes) > - if yes, can you gain benefit? (Usually you can) > 2. Do they have documentation on least privilege necessary for their > tools to run? > > > > On Tue, Aug 3, 2010 at 10:26 AM, Free, Bob <r...@pge.com> wrote: >> My experience with WMI and CMDB or security scanner products tells me >> you are out of luck, at some point, the information they require is >> situated such that they require admin privs just to be able to read it. >> >> -----Original Message----- >> From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] >> Sent: Tuesday, August 03, 2010 10:18 AM >> To: NT System Admin Issues >> Subject: Re: WMI information gathering >> >> Anyone have any idea on this one? >> >>>>> Joseph Heaton <jhea...@dfg.ca.gov> 8/2/2010 3:42 PM >>> >> We have a group that wants to come in, and "scan our servers" to gather >> information. We want to cooperate with this effort, but we don't want >> to give them access to be able to write back to the servers. Is this >> possible? Is there a tool that can be used without an admin account, in >> order to gather information from within WMI? Please contact offline for >> further details, if needed. As always, I sincerely appreciate any >> assistance any of you may be able to provide. >> >> Thanks, >> >> Joe >> >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> >> >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
