Network Security: Detailed info on Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

[Top] [All Lists]

Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects

from [Exibar] Network Security

[Permanent Link]

Subject:	Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects
Date:	Thu, 27 Apr 2006 10:42:20 -0400

----- Original Message ----- From: "Michael Holstein" <michael.holstein@csuohio.edu> To: <full-disclosure@lists.grok.org.uk> Sent: Thursday, April 27, 2006 10:37 AM Subject: Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects

System Key: [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\System] Value Name: DisableGPO Data Type: REG_DWORD (DWORD Value) Value Data: (0 = default, 1 = disable group policy)
strike that .. production releases ignore this.
Other possible solution, cripple gpupdate.exe (XP) or secedit.exe (2K) through permissions (eg: remove 'localsystem:execute'). Deleting them will just trigger WFP to replace.
/mike.

  Hmmmm.....  sounds like a good plan :-)   I'll test that out!   thanks!

Ex

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [Full-disclosure] Internet Explorer User Interface Races, Redeux, (continued) Re: [Full-disclosure] Internet Explorer User Interface Races, Redeux, Matthew Murphy Re: [Full-disclosure] Internet Explorer User Interface Races, Redeux, Morning Wood Re: [Full-disclosure] Internet Explorer User Interface Races, Redeux, Georgi Guninski Re: [Full-disclosure] Internet Explorer User Interface Races, Redeux, Matthew Murphy Re: [Full-disclosure] Internet Explorer User Interface Races, Redeux, n3td3v Re: [Full-disclosure] Internet Explorer User Interface Races, Redeux, Zh Linlin RE: [Full-disclosure] Internet Explorer User Interface Races, Redeux, Antczak, Ed [Full-disclosure] bypassing Windows Domain Group Policy Objects, Exibar Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects, Michael Holstein Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects, Michael Holstein Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects, Exibar <= Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects, James Eaton-Lee Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects, Richard Bjerregaard Re: [Full-disclosure] Internet Explorer User Interface Races, Redeux, n3td3v Message not available Fwd: [Full-disclosure] Internet Explorer User Interface Races, Redeux, c0ntex Re: [Full-disclosure] Internet Explorer User Interface Races, Redeux, c0ntex

Previous by Date:	Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects, Michael Holstein
Next by Date:	[Full-disclosure] [USN-274-1] MySQL vulnerability, Martin Pitt
Previous by Thread:	Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects, Michael Holstein
Next by Thread:	Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects, James Eaton-Lee
Indexes:	[Date] [Thread] [Top] [All Lists]