PaulDotCom mailing list archives
File checker tool?
From: k41zen at live.co.uk (k41zen)
Date: Sat, 20 Mar 2010 09:08:45 +0000
Mick, Do you want to stop them installing apps or from executing apps already on a workstation like cmd.exe? If its the latter then what you're looking for is Microsoft Software Restriction Policies (SRP's) http://technet.microsoft.com/en-us/library/bb457006.aspx. You can specify MD5 or SHA1. See clip: "A hash rule is a cryptographic fingerprint that uniquely identifies a file regardless of where it is accessed or what it is named. An administrator may not want users to run a particular version of a program. This may be the case if the program has security or privacy bugs, or compromises system stability. With a hash rule, software can be renamed or moved into another location on a disk, but it will still match the hash rule because the rule is based on a cryptographic calculation involving file contents. A hash rule consists of three pieces of data, separated by colons: MD5 or SHA-1 hash value File length Hash algorithm ID" Just so that this is balanced, HP sell a product called Appsense. Personally after seeing both I'd go with option 1. Regards, k41zen On 20 Mar 2010, at 03:20, Michael Douglas wrote:
I'm having a google fail moment... Is there a tool that will examine the md5/sha1 checksums of files and report if they're on a blacklist? Does such a thing exist for Windows Domains in enterprise sized environments? For instance, say you want to stop someone from installing autocad (no idea why I picked this... just first non-malware software example that popped in my head) on a workstation. You wouldn't use AV to prevent it from being installed... What tool would be the way to go about doing this? SMS/WSUS/whatever it's called now mainly uses filename as the ID right? Thanks for helping a *nix guy learn his way in a Windows world - Mick "Help me Obi-Wan Kenobi, you're my only hope" _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100320/baad4e44/attachment.htm
Current thread:
- File checker tool? Michael Douglas (Mar 19)
- File checker tool? Matt Nelson (Mar 19)
- File checker tool? k41zen (Mar 20)
- File checker tool? k41zen (Mar 20)
- File checker tool? Daniel (Mar 20)
- File checker tool? Jody & Jennifer McCluggage (Mar 20)
- <Possible follow-ups>
- File checker tool? Jorge A. Orchilles (Mar 21)