Full Disclosure mailing list archives

RE: bypassing Windows Domain Group Policy Objects


From: "Neil Hunt" <Neil.Hunt () bdigital com au>
Date: Fri, 28 Apr 2006 08:51:14 +0800

Michael Holstein said:

Other possible solution, cripple gpupdate.exe (XP) or secedit.exe (2K)
through permissions (e.g.: remove 'localsystem:execute'). Deleting them
will just trigger WFP to replace.

/mike.

Exibar said:


   Hmmmm.....  sounds like a good plan :-)   I'll test that out!   thanks!

  Ex 


This does indeed work, but if the site is using WSUS or similar, then
the machine will stick out like a sore thumb.  The Windows admin here,
however, doesn't monitor WSUS, so the fact that my machine hasn't
reported in 90 days hasn't registered.

Neil

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
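
A defender-side check for the permission change discussed in this thread, as an added example that is not part of the original posts: it audits the ACLs on gpupdate.exe and secedit.exe and flags any deviation from the stock layout. The function name Test-PolicyBinaryAcl is hypothetical, and the baseline (an explicit allow entry for SYSTEM that includes execute, and no deny entries covering execute) is an assumption about the default ACL on these files.

```powershell
# Added example: audit ACLs on the Group Policy refresh binaries.
# Assumed baseline: SYSTEM (S-1-5-18) has an explicit Allow ACE that
# includes execute, and no Deny ACE covers execute for any identity.
$targets = @(
    "$env:SystemRoot\System32\gpupdate.exe",   # policy refresh on XP
    "$env:SystemRoot\System32\secedit.exe"     # policy refresh on Windows 2000
)
$execute = [int][System.Security.AccessControl.FileSystemRights]::ExecuteFile

function Test-PolicyBinaryAcl {   # hypothetical helper name
    param([string]$Path)

    if (-not (Test-Path -LiteralPath $Path)) {
        return [pscustomobject]@{ Path = $Path; Status = 'Missing'; Detail = 'file not found' }
    }

    $acl = Get-Acl -LiteralPath $Path
    # Ask for SIDs rather than names so localized account names do not matter.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])

    $denyExec = @($rules | Where-Object {
        $_.AccessControlType -eq 'Deny' -and ([int]$_.FileSystemRights -band $execute)
    })
    $systemAllow = @($rules | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $_.IdentityReference.Value -eq 'S-1-5-18' -and
        ([int]$_.FileSystemRights -band $execute)
    })

    if ($denyExec.Count -gt 0) {
        $who = ($denyExec | ForEach-Object { $_.IdentityReference.Value }) -join ','
        return [pscustomobject]@{ Path = $Path; Status = 'Tampered'; Detail = "deny-execute ACE for $who" }
    }
    if ($systemAllow.Count -eq 0) {
        return [pscustomobject]@{ Path = $Path; Status = 'Tampered'; Detail = 'no allow-execute ACE for SYSTEM' }
    }
    [pscustomobject]@{ Path = $Path; Status = 'OK'; Detail = "owner $($acl.Owner)" }
}

$targets | ForEach-Object { Test-PolicyBinaryAcl -Path $_ } | Format-Table -AutoSize
```

Run against a fleet, a 'Tampered' result lines up with the other signal raised in the thread: a machine that has stopped reporting to WSUS.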

