Re: how can i block apps

• Previous message: ObiWan: "Re: Smoothwall firewall"
• In reply to: Steven L Umbach: "Re: how can i block apps"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 8 Feb 2005 10:27:11 -0000

"Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
news:VYCdnQoEjag8tZXfRVn-jQ@comcast.com...
> Hi Jason
>
> It is a topic for more advanced users but the possibility does exist. All
> that you quoted referred to enterprise management. SRP can easily be
> accessed via Local Security Policy - secpol.msc. Hash rules are very easy
to
> create. However **WARNING** SRP can cause you computer not to start if not
> done properly and the only option to repair is a reinstall and not an
> upgrade install. This is usually a result of blocking access to needed
start
> up executables in the system folder. if anyone wants to play around with
> them it is recommended doing on an operating system that you don't mind
> being trashed.

Some home users may get as far as typing secpol.msc
But they will then have a quick look and close it without making any
changes.
If Microsoft can't make an OS which is secure when purchased instead of
expecting the user to figure out secpol.msc then they will never make a
secure OS.
This is just a general point; I do not wish to get into any arguments about
it.

Jason

> I have Ghost image available to restore OS on my test
> ox. --- Steve
>
>
> "Jason Edwards" <none1@invalid.invalid> wrote in message
> news:36prp5F52ierqU1@individual.net...
> > "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
> > news:s4CdnT0qbvqVNZrfRVn-tQ@comcast.com...
> >> If you are using XP Pro you can use Software Restriction Policies with
> >> either hash, certificate, or path rules. A hash rule will prevent a
> >> particular executable from ever being run no matter where it is
installed
> > on
> >> the computer or what it is named. Note that a hash rule will apply to
> >> only
> > a
> >> particular version of a file - not every version available. You also
can
> >> configure a XP Pro computer to use a default disallowed rule and then
> >> only
> >> the applications you authorize will run. SRP can be tricky to
configure,
> >> just keep in mind that shortcuts are also restricted. So it you allow
an
> >> application but it does not run when you click the shortcut, you also
> >> need
> >> to authorize the shortcut. The link below explains in much more detail.
> > SRP
> >> are very powerful once you figure how to configure it properly. ---
Steve
> >>
> >>
> >
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/rstrplcy.mspx
> >
> > I would be interested to know what the average Windows user makes of
> > things
> > like:
> >
> > "An administrator creates the policy by using the Group Policy Microsoft
> > Management Console (MMC) snap-in for a particular Active Directory
> > container
> > site, domain, or organizational unit"
> >
> > Yes I know that's not aimed at home users but how are they going to know
> > that?
> >
> > Jason
> >
> >>
> >> "Joe" <noone@no.com> wrote in message
> >> news:20050206181211.245$rk@news.newsreader.com...
> >> > How can I block applications from running on my pc or at least
> > connecting
> >> > to the net? I'm wanting to block virtual pc type of software like
> >> > vmware
> >> > workstation and virtual pc or any other similar application. Also
would
> > it
> >> > still block the application if you download it and change the name of
> > the
> >> > exe cus people can do this as well.
> >>
> >>
> >
> >
>
>

• Previous message: ObiWan: "Re: Smoothwall firewall"
• In reply to: Steven L Umbach: "Re: how can i block apps"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]