RE: Restricting cmd.exe access

From: leon (leon@inyc.com)
Date: 03/14/02

• Previous message: Kevin Brown: "RE: VPN and Cisco +IIOP question"
• In reply to: Curious George: "Restricting cmd.exe access"
• Next in thread: Rooster: "RE: Restricting cmd.exe access"
• Next in thread: Rajesh Kumar D.: "Re: Restricting cmd.exe access"
• Reply: Rooster: "RE: Restricting cmd.exe access"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "leon" <leon@inyc.com>
To: "'Curious George'" <chris@isabellelee.com>, <security-basics@securityfocus.com>
Date: Thu, 14 Mar 2002 13:18:30 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Why not just move Cmd.exe to a different place. Most of these
website attacks will go after the default place because that is where
most users have it. I know it is security through obscurity but it
makes another hurdle / layer / hoop for the attacker to jump through.

All the best,

Leon

- -----Original Message-----
From: Curious George [mailto:chris@isabellelee.com]
Sent: Tuesday, March 12, 2002 12:59 PM
To: security-basics@securityfocus.com
Subject: Restricting cmd.exe access

This is a slight off shoot of the scary site post. What
are the potential ramifications of restricting "system"
access to cmd.exe? My thought is with all the MS
exploits that are gaining access via some service
running in the system context, this would be a great
way to mitigate the potential impact. Thoughts?

I am also thinking, ok this is going to inhibit using the
scheduler service under the system account to run
local batches, as well as any stored procedure in
SQL that accesses the command shell, but services
could be run in another context and still have access
to the command shell...

Am I way off with this? Will this break something that I
am just not seeing?

TIA
Curious.

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPJDpddqAgf0xoaEuEQKXxwCgoNYByJMqDSapbmEoNjZC2Kv8ZzQAnRx5
yzSA1ULdq0m/p1hQW2iwyQPm
=2H2Q
-----END PGP SIGNATURE-----

---

• Previous message: Kevin Brown: "RE: VPN and Cisco +IIOP question"
• In reply to: Curious George: "Restricting cmd.exe access"
• Next in thread: Rooster: "RE: Restricting cmd.exe access"
• Next in thread: Rajesh Kumar D.: "Re: Restricting cmd.exe access"
• Reply: Rooster: "RE: Restricting cmd.exe access"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Restricting cmd.exe access ... are the potential ramifications of restricting "system" ... running in the system context, ... SQL that accesses the command shell, ... (Security-Basics) RE: Restricting cmd.exe access ... On Thu, 14 Mar 2002, leon wrote: ... > are the potential ramifications of restricting "system" ... > running in the system context, ... > SQL that accesses the command shell, ... (Security-Basics) Re: Restricting cmd.exe access ... Subject: Restricting cmd.exe access ... > are the potential ramifications of restricting "system" ... > running in the system context, ... > SQL that accesses the command shell, ... (Security-Basics)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > security-basics  > 2002-03