RE: Disabling sharing and group policies

• Previous message: ~Jean-Marc~: "Re: Disable USB on a per user basis?"
• In reply to: Enrico Pastrello: "RE: Disabling sharing and group policies"
• Next in thread: Dana Smith: "RE: Disabling sharing and group policies"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Enrico Pastrello" <epastrello@altevie.com>, <focus-ms@securityfocus.com>
Date: Tue, 9 Sep 2003 21:11:43 -0700

yes they can. In-fact, anyone who has physical access to the box can render
the majority of group policy objects useless, but that's another story. I'm
not too clear on what you are wanting to do. If you just want to get rid of
the everyone share on a local machine, disallow all anonymous access and
disable the guest account. the everyone share will still be there but it
will be effectively disabled by these settings. group policies are not
really needed to do this. Somebody please correct me if this is not the
case.

-----Original Message-----
From: Enrico Pastrello [mailto:epastrello@altevie.com]
Sent: Tuesday, September 09, 2003 8:40 AM
To: focus-ms@securityfocus.com
Subject: RE: Disabling sharing and group policies

Maybe I'm saying something quite stupid but since group policies are saved
in the registry,
machine administrators can easilly bypass them.

Greetings,
Enrico Pastrello

-----Original Message-----
From: Matthew Wagenknecht [mailto:Matthew.Wagenknecht@quantum.com]
Sent: luned́ 8 settembre 2003 18.49
To: focus-ms@securityfocus.com
Subject: Disabling sharing and group policies

Is there a way with Group Policies to disable sharing without pulling users
from the Administrator group or killing adminstrative shares? I'm looking
for a way to reduce "everyone" shares without flogging end users. Strangely,
that actually sounds fun.. ;c)

Please keep flames off the list.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Matt Wagenknecht, CISSP
Security Administrator
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Never be afraid to try something new.
Remember, amateurs built the ark; professionals built the Titanic.

This email may contain confidential and privileged information for the sole
use of the intended recipient. Any review or distribution by others is
strictly prohibited. If you are not the intended recipient, please contact
the sender and delete all copies of this email message.

---------------------------------------------------------------------------
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security
Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
---------------------------------------------------------------------------

---------------------------------------------------------------------------
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security
Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
---------------------------------------------------------------------------

---------------------------------------------------------------------------
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
---------------------------------------------------------------------------

• Previous message: ~Jean-Marc~: "Re: Disable USB on a per user basis?"
• In reply to: Enrico Pastrello: "RE: Disabling sharing and group policies"
• Next in thread: Dana Smith: "RE: Disabling sharing and group policies"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]