Security Basics mailing list archives
RE: Re: Example Black Lists for Windows?
From: "Scott Ramsdell" <Scott.Ramsdell () cellnet com>
Date: Tue, 17 Apr 2007 09:19:57 -0400
Hello, Group Policy doesn't do a real good job of preventing executables from running. The reason is that the GPO setting for this is user only, there isn't a corresponding computer setting, so it will only stop executables that launch as the AD user. Many executables of course configure themselves to launch as local system, or with another local account. AD will only stop AD accounts from launching exes. You might want to explore your commercial options. There's quite a bit included in Windows, but this little oversight seemed to slip through. (Maybe this has changed with an extension to the adminpak.exe now that Vista is out, I'm not a Windows admin anymore and can't check.) Kind Regards, Scott Ramsdell CISSP, CCNA, MCSE Security Network Engineer -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of maps1 () btinternet com Sent: Monday, April 16, 2007 2:57 AM To: security-basics () securityfocus com Subject: Re: Re: Example Black Lists for Windows? Many thanks to everyone for the advice! I absolutely agree that a whitelist would be a much better idea in most cases, but unfortunately, politics within my company has led to a "blacklist the worst only" approach from above my head. I'll google group policy blacklists, thanks for the idea!
Current thread:
- Example Black Lists for Windows? maps1 (Apr 13)
- Re: Example Black Lists for Windows? Kurt Buff (Apr 13)
- RE: Example Black Lists for Windows? Nick Duda (Apr 13)
- Re: Example Black Lists for Windows? Ansgar -59cobalt- Wiechers (Apr 13)
- RE: Example Black Lists for Windows? David Gillett (Apr 13)
- <Possible follow-ups>
- Re: Example Black Lists for Windows? kenneth . buckler (Apr 13)
- Re: Example Black Lists for Windows? krymson (Apr 13)
- Re: Re: Example Black Lists for Windows? maps1 (Apr 16)
- RE: Re: Example Black Lists for Windows? Scott Ramsdell (Apr 17)
- RE: Re: Example Black Lists for Windows? Janes, Paul A (Apr 17)
- Re: Example Black Lists for Windows? Kurt Buff (Apr 13)