Re: how can i block apps

From: Jason Edwards (none1_at_invalid.invalid)
Date: 02/08/05

  • Next message: Jason Edwards: "Re: Is complete home security possible?"
    Date: Tue, 8 Feb 2005 10:27:11 -0000
    
    

    "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
    news:VYCdnQoEjag8tZXfRVn-jQ@comcast.com...
    > Hi Jason
    >
    > It is a topic for more advanced users but the possibility does exist. All
    > that you quoted referred to enterprise management. SRP can easily be
    > accessed via Local Security Policy - secpol.msc. Hash rules are very easy
    to
    > create. However **WARNING** SRP can cause you computer not to start if not
    > done properly and the only option to repair is a reinstall and not an
    > upgrade install. This is usually a result of blocking access to needed
    start
    > up executables in the system folder. if anyone wants to play around with
    > them it is recommended doing on an operating system that you don't mind
    > being trashed.

    Some home users may get as far as typing secpol.msc
    But they will then have a quick look and close it without making any
    changes.
    If Microsoft can't make an OS which is secure when purchased instead of
    expecting the user to figure out secpol.msc then they will never make a
    secure OS.
    This is just a general point; I do not wish to get into any arguments about
    it.

    Jason

    > I have Ghost image available to restore OS on my test
    > ox. --- Steve
    >
    >
    > "Jason Edwards" <none1@invalid.invalid> wrote in message
    > news:36prp5F52ierqU1@individual.net...
    > > "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
    > > news:s4CdnT0qbvqVNZrfRVn-tQ@comcast.com...
    > >> If you are using XP Pro you can use Software Restriction Policies with
    > >> either hash, certificate, or path rules. A hash rule will prevent a
    > >> particular executable from ever being run no matter where it is
    installed
    > > on
    > >> the computer or what it is named. Note that a hash rule will apply to
    > >> only
    > > a
    > >> particular version of a file - not every version available. You also
    can
    > >> configure a XP Pro computer to use a default disallowed rule and then
    > >> only
    > >> the applications you authorize will run. SRP can be tricky to
    configure,
    > >> just keep in mind that shortcuts are also restricted. So it you allow
    an
    > >> application but it does not run when you click the shortcut, you also
    > >> need
    > >> to authorize the shortcut. The link below explains in much more detail.
    > > SRP
    > >> are very powerful once you figure how to configure it properly. ---
    Steve
    > >>
    > >>
    > >
    http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/rstrplcy.mspx
    > >
    > > I would be interested to know what the average Windows user makes of
    > > things
    > > like:
    > >
    > > "An administrator creates the policy by using the Group Policy Microsoft
    > > Management Console (MMC) snap-in for a particular Active Directory
    > > container
    > > site, domain, or organizational unit"
    > >
    > > Yes I know that's not aimed at home users but how are they going to know
    > > that?
    > >
    > > Jason
    > >
    > >>
    > >> "Joe" <noone@no.com> wrote in message
    > >> news:20050206181211.245$rk@news.newsreader.com...
    > >> > How can I block applications from running on my pc or at least
    > > connecting
    > >> > to the net? I'm wanting to block virtual pc type of software like
    > >> > vmware
    > >> > workstation and virtual pc or any other similar application. Also
    would
    > > it
    > >> > still block the application if you download it and change the name of
    > > the
    > >> > exe cus people can do this as well.
    > >>
    > >>
    > >
    > >
    >
    >


  • Next message: Jason Edwards: "Re: Is complete home security possible?"

    Relevant Pages

    • RE: SQL Server 2005 faulure when updating to SP1
      ... Microsoft Online Partner Support ... Get Secure! ... When responding to posts, please "Reply to Group" via your newsreader so ... Jason K. ...
      (microsoft.public.sqlserver.setup)
    • Re: Linux and Blaster
      ... Then the fault lies with those who don't patch their workstations or secure ... Jason wrote: ... > Seriously Robert how many are out there for linux? ...
      (microsoft.public.security)