RE: Windows 2003 Server - MS Rulez?
From: Laura A. Robinson (larobins_at_bellatlantic.net)
Date: 05/24/03
- Previous message: Laura A. Robinson: "RE: Windows 2003 Server - MS Rulez?"
- In reply to: Street: "Windows 2003 Server - MS Rulez?"
- Next in thread: Street: "Re[2]: Windows 2003 Server - MS Rulez?"
- Reply: Street: "Re[2]: Windows 2003 Server - MS Rulez?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Street'" <streetseeker@mail.ru>, <focus-ms@securityfocus.com> Date: Fri, 23 May 2003 18:34:48 -0400
Hash restrictions are only one of four new methods for restricting software.
You can restrict by path (usually you would actually be *un*restricting by
path when your default policy is a disallow), you can restrict by Internet
zone, you can restrict by hash, and you can restrict by code signing.
There's quite a bit more to it than I've listed here, but you may want to
start here:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechn
ol/winxppro/maintain/RstrPlcy.asp
And as far as whether or not there is a way around the hash, absolutely
there is. Bring another version of the software to the machine. Its hash
will be different. That's why hash rules would be better for *allowing*
software under a disallow by default policy as opposed to *disallowing*
under an allow by default policy.
Laura
> -----Original Message-----
> From: Street [mailto:streetseeker@mail.ru]
> Sent: Friday, May 23, 2003 6:02 PM
> To: focus-ms@securityfocus.com
> Subject: Windows 2003 Server - MS Rulez?
>
>
> Hello list. Today I have attended to official presentation of
> Microsoft Windows 2003 Server. And the representatives of
> Microsoft gave to my organisation an evaluation version of
> 2003 Server. That thing looks very secure, i.e. known methods
> of attack did not gave a damn thing. Also I learned an
> interesting feature - prohibition of launch of any program is
> not made by its exe name - it makes a hash from the body of
> program and politics are applied using this hash. I wonder
> whether this method is secure and if there are any ways to defeat it.
>
> Any thoughts? Thank you in advance.
>
> --
> Best regards,
> Street mailto:streetseeker@mail.ru
>
>
> --------------------------------------------------------------
> ---------------
> *** Wireless LAN Policies for Security & Management - NEW
> White Paper *** Just like wired networks, wireless LANs
> require network security policies that are enforced to
> protect WLANs from known vulnerabilities and threats.
> Learn to design, implement and enforce WLAN security policies
> to lockdown enterprise WLANs.
>
> To get your FREE white paper visit us at:
> http://www.securityfocus.com/AirDefense-focus-ms
> --------------------------------------------------------------
> ----------------
>
-----------------------------------------------------------------------------
*** Wireless LAN Policies for Security & Management - NEW White Paper ***
Just like wired networks, wireless LANs require network security policies
that are enforced to protect WLANs from known vulnerabilities and threats.
Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.
To get your FREE white paper visit us at:
http://www.securityfocus.com/AirDefense-focus-ms
------------------------------------------------------------------------------
- Previous message: Laura A. Robinson: "RE: Windows 2003 Server - MS Rulez?"
- In reply to: Street: "Windows 2003 Server - MS Rulez?"
- Next in thread: Street: "Re[2]: Windows 2003 Server - MS Rulez?"
- Reply: Street: "Re[2]: Windows 2003 Server - MS Rulez?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
