Re: services running in windows domain (winXP clients)

• Previous message: Harlan Carvey: "Re: services running in windows domain (winXP clients)"
• In reply to: Christos Triantafyllidis: "Re: services running in windows domain (winXP clients)"
• Next in thread: Frank Knobbe: "Re: services running in windows domain (winXP clients)"
• Reply: Frank Knobbe: "Re: services running in windows domain (winXP clients)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 22 Dec 2004 14:12:43 -0600
To: focus-ms@securityfocus.com

Christos Triantafyllidis wrote:

> Maybe it wasn't clear as i wrote it. What i want is not to disable
> some services. What i want is to allow only specific services to run.
> To apply software restriction i must know the name or the hash of the
> software i want to restrict. Today it is trojan A tomorrow it may be
> trojan B. if i there is a way to disable all services except the ones
> that i approve i would be protected against both A and B trojan
> without even know their name or hash or anything about them.
>
Software restriction policies work both in the "allow all but..." and
"allow none but..." The allow all should be the easier to test and
configure but the other approach should work since only those things you
allowed will run.

-- 
Mike Lyman CISSP*
*mikelyman-security@comcast.net
/"You can't take the sky from me"/
---------------------------------------------------------------------------
---------------------------------------------------------------------------

• Previous message: Harlan Carvey: "Re: services running in windows domain (winXP clients)"
• In reply to: Christos Triantafyllidis: "Re: services running in windows domain (winXP clients)"
• Next in thread: Frank Knobbe: "Re: services running in windows domain (winXP clients)"
• Reply: Frank Knobbe: "Re: services running in windows domain (winXP clients)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]