Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: services running in windows domain (winXP clients)

from [Harlan Carvey] Network Security [Permanent Link]
Subject: Re: services running in windows domain (winXP clients)
Date: Wed, 22 Dec 2004 12:01:34 -0800 (PST) 
Christos,

I'm not entirely sure what the issue is.  There are
several ways to go about this.  

One is to simply connect to the Registry of each
machine and modify the settings for all services. 
Another is to have a startup script that checks the
running services and disables all except for the ones
you want.

Hope that helps,

Harlan

--- Christos Triantafyllidis <ctria@physics.auth.gr>
wrote:


Maybe it wasn't clear as i wrote it. What i want is
not to disable some 
services. What i want is to allow only specific
services to run. To 
apply software restriction i must know the name or
the hash of the 
software i want to restrict. Today it is trojan A
tomorrow it may be 
trojan B. if i there is a way to disable all
services except the ones 
that i approve i would be protected against both A
and B trojan without 
even know their name or hash or anything about them.

(Trojans A and B are just examples)

Christos Triantaffyllidis




ATTACHMENT part 2 application/x-pkcs7-signature

name=smime.p7s



=====
------------------------------------------
Harlan Carvey, CISSP
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://windowsir.blogspot.com
------------------------------------------

---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Microsoft Vulnerabilities ARE being reported to Microsoft, ISNYC
Next by Date:  Re: services running in windows domain (winXP clients), Mike Lyman
Previous by Thread:  Re: services running in windows domain (winXP clients), Christos Triantafyllidis
Next by Thread:  Re: services running in windows domain (winXP clients), Mike Lyman
Indexes:  [Date] [Thread] [Top] [All Lists]