Re: Any Way to Stop Service Start and Stop Over Network?
- From: jwgoerlich@xxxxxxxxx
- Date: Mon, 08 Oct 2007 02:56:28 -0700
Hello Will,
To disable services from being started (T), stopped (O), or paused (P)
from the network, download SubInACL and run the following command:
SubInACL /Service \\%computername%\(service name, like Alerter) /
Deny=Network=TOP
People with appropriate permissions will still be able to restart the
service when logged onto the console or RDP. They will not be able to
restart the service manually, though they will be able to view its
status.
Hope this helps,
J Wolfgang Goerlich
Related Links:
Download SubInACL
http://www.microsoft.com/downloads/details.aspx?familyid=E8BA3E56-D8FE-4A91-93CF-ED6985E3927B&displaylang=en
Special identities: Network
http://technet2.microsoft.com/windowsserver/en/library/54fb39d6-81e2-42c2-ac23-7c0f4dc81a111033.mspx?mfr=true
On Sep 28, 2:19 pm, "Will" <westes-...@xxxxxxxxxxxxxx> wrote:
If a Windows XP or 2003 computer has File & Printer Sharing turned on, is
there any way to prevent it from acting on service start and stop control
messages it receives over the network? I want service start and stop to be
a console action only.
Assuming NetBIOS over TCP is turned off on the network adapter that has File
& Printer Sharing turned on, will service and stop messages only be possible
over port 445, or are there other channels to accomplishing the same thing?
If there is no way to control this with Microsoft's group policy or other
security settings, then is there any third party product that would at least
monitor for this condition and send out notifications if any attempt to
start or stop a service over the network takes place?
--
Will
.
- Follow-Ups:
- Prev by Date: Software Audit & Enforcement - Required?
- Next by Date: Re: Software Audit & Enforcement - Required?
- Previous by thread: Software Audit & Enforcement - Required?
- Next by thread: Re: Any Way to Stop Service Start and Stop Over Network?
- Index(es):
Relevant Pages
|
