Securing iNet Protector service

Post your questions and problem reports here

Securing iNet Protector service

Postby CLS » Tue Feb 10, 2009 12:11 pm

Hello,
I bought the iNet Protector 3.0 Small Business License in yesterday. Today when I have installed the program on a client I doing some security test of the program and found out one strange thing, during the tests I found that a standard user can without any problem inactive the service "Internet Protector System Service (a part of iNet Protector) under Services. This feels not good at all and I hope there is a fix for this.

Best regards
Claus
CLS
 
Posts: 1
Joined: Tue Feb 10, 2009 11:55 am

Re: iNet Protector unsecure?

Postby Karlis » Fri Feb 13, 2009 10:22 pm

Of course it will be possible to stop this and any other service if you have not secured the access to Management Console.

This article covers how to do that:
http://www.pctools.com/guides/registry/detail/1303/
Karlis Blumentals
Blumentals Software
www.blumentals.net
User avatar
Karlis
Site Admin
 
Posts: 3598
Joined: Mon Jul 15, 2002 5:24 pm
Location: Riga, Latvia, Europe

Re: Securing iNet Protector service

Postby kollo » Sat Mar 14, 2009 3:52 pm

A standard user should not be able to deactivate the service "Internet Protector System Service" even if they have access to the Management Console.

I checked this out and a standard user can actually do this. It means that at next reboot the the Internet protection will be disabled. It is however not possible to stop the service immediately.

Other security related services in Windows are not possible to deactivate. E.g. if you try to deactivate the service "Event Log" as a standard user you will get a "Permission is denied" message. It seems as the permissions on the service "Internet Protector System Service" are not set properly at installation.

Edit:
Securing the service turned out to be quite easy (but don't try this if you don't have good knowledge of Windows, you might break the installation):

1. Download the SubInACL tool from Microsoft: http://www.microsoft.com/downloads/deta ... laylang=en

2. Open a command window as administrator

3. Change directory to C:\Program Files\Windows Resource Kits\Tools

4. Run the following command:
subinacl /service InternetProtectorService /revoke=everyone
(if you are not running the English version of windows you might have to substitute everyone with something else)

5. Done. Standard users can no longer deactivate the service Internet Protector System Service

kollo
kollo
 
Posts: 18
Joined: Sat Sep 22, 2007 1:33 pm


Return to iNet Protector Support

Who is online

Users browsing this forum: No registered users and 9 guests

cron