Anonymous User with Admin Access

  • Thread starter Mervin Pearce [SACS]
  • Start date
M

Mervin Pearce [SACS]

I have seen one specific box in an environment which I tested which has the
IUSR_%MACHINENAME% with ADMIN rights. I have included a PNG file and if
this is blocked I have added a link.

http://www.spisat.com/images/aa.png

Has anyone seen something like this?
 
J

James Matthews

hmm I have never seen it! But i would jump to hacker right away!

--

http://www.goldwatches.com/
http://www.jewelerslounge.com/
"Mervin Pearce [SACS]" <nospam@spam.com> wrote in message
news:eiUPYkK8HHA.1212@TK2MSFTNGP05.phx.gbl...
>I have seen one specific box in an environment which I tested which has the
>IUSR_%MACHINENAME% with ADMIN rights. I have included a PNG file and if
>this is blocked I have added a link.
>
> http://www.spisat.com/images/aa.png
>
> Has anyone seen something like this?
>
>
 
R

Roger Abell [MVP]

What is your actual question.
Can the Iusr_ be made member of Administrators? Sure.
Is it that way without someone making it so? Of course not.
Should someone do that? No.
Have I seen someone do that? Yes. People that do not
know or have time to find out why something is not working
often "cure" the issues by granting admin, and yes, I have
seen an "admin" do that with Iusr_ before.

Roger

"Mervin Pearce [SACS]" <nospam@spam.com> wrote in message
news:eiUPYkK8HHA.1212@TK2MSFTNGP05.phx.gbl...
>I have seen one specific box in an environment which I tested which has the
>IUSR_%MACHINENAME% with ADMIN rights. I have included a PNG file and if
>this is blocked I have added a link.
>
> http://www.spisat.com/images/aa.png
>
> Has anyone seen something like this?
>
>
 
M

Mervin Pearce [SACS]

Thanks, I believe this was a server rename and the IWAM_.. and IUSR_..
accounts made administrators due to some things not working after this
change. I have another 52 domains in this environment which this was not
the case and a single finding was interesting.

The question was just a global, have you seen this with some of the security
reviews that we are performing?

Best Regards
Mervin
 
You must log in or register to reply here.

Similar threads

W
Can't access volume licensing
Replies
0
Views
21
Westy Weijts
W
C
  • Article
Windows Terminal Preview 1.22 Release
Replies
0
Views
54
Christopher Nguyen
C
C
Batch file with admin user name pre populated
Replies
0
Views
39
Chicken_Farmer_66
C
C
Batch file with admin user name pre populated
Replies
0
Views
33
Chicken_Farmer_66
C
J
Windows color management denying me access to change system defaults, any ideas?
Replies
0
Views
39
Joshua La-Page
J
Back
Top Bottom