Network Security: Detailed info on Re: services running in windows domain (winXP clients)

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Focus-Microsoft

[Top] [All Lists]

Re: services running in windows domain (winXP clients)

from [Mike Lyman] Network Security

[Permanent Link]

Subject:	Re: services running in windows domain (winXP clients)
Date:	Wed, 22 Dec 2004 14:12:43 -0600

Christos Triantafyllidis wrote:

Maybe it wasn't clear as i wrote it. What i want is not to disable some services. What i want is to allow only specific services to run. To apply software restriction i must know the name or the hash of the software i want to restrict. Today it is trojan A tomorrow it may be trojan B. if i there is a way to disable all services except the ones that i approve i would be protected against both A and B trojan without even know their name or hash or anything about them.

Software restriction policies work both in the "allow all but..." and "allow none but..." The allow all should be the easier to test and configure but the other approach should work since only those things you allowed will run.

--

Mike Lyman CISSP*
*mikelyman-security@comcast.net

/"You can't take the sky from me"/

---------------------------------------------------------------------------
---------------------------------------------------------------------------

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
services running in windows domain (winXP clients), Christos Triantafyllidis Re: services running in windows domain (winXP clients), Mike Lyman RE: services running in windows domain (winXP clients), Haralambos Mavromatidis Re: services running in windows domain (winXP clients), Christos Triantafyllidis Re: services running in windows domain (winXP clients), Harlan Carvey Re: services running in windows domain (winXP clients), Mike Lyman <= Re: services running in windows domain (winXP clients), Frank Knobbe RE: services running in windows domain (winXP clients), Burak Bayoglu RE: services running in windows domain (winXP clients), Mark Burnett RE: services running in windows domain (winXP clients), Triantafyllidis Christos RE: services running in windows domain (winXP clients), dave kleiman Re: services running in windows domain (winXP clients), Ansgar -59cobalt- Wiechers RE: services running in windows domain (winXP clients), Triantafyllidis Christos SV: services running in windows domain (winXP clients), Tevfik Karagulle RE: services running in windows domain (winXP clients), Zack Schiel RE: services running in windows domain (winXP clients), Brady McClenon

Previous by Date:	Re: services running in windows domain (winXP clients), Harlan Carvey
Next by Date:	RE: Microsoft Vulnerabilities ARE being reported to Microsoft, ISNYC
Previous by Thread:	Re: services running in windows domain (winXP clients), Harlan Carvey
Next by Thread:	Re: services running in windows domain (winXP clients), Frank Knobbe
Indexes:	[Date] [Thread] [Top] [All Lists]