Allowed ext.

[MrBabis]

Hi.

I want to know if someone know way to block executable files like .exe .com .bat and more.
1) Disble access to windows folder for Guests and Priv.Users
2) Allow execute just allowed programs // or disable execute files that was downloaded with IE // and disable execute files from disket/CDROM // but able to executefiles that is installed in windows and from server.

I asking this becouse I have seen that type of secury but I do´nt know how to do it by myself.
I know just that them was connected to domen.

==WinXP== as base and some kind of windows server.

------------
<!--
And I want also just to know if it is possible to use Linux as doman server for windows clients?
-->

[d0ppy]

Alright... I'm a bit rusty with windows.... But look into group policies for the restrictions. I doubt you can get as specific as you'd like, but you'll get closer than you are now.


And yes, Linux can act as a DC for Windows, but you'll be limited to LDAP and ****. Linux has yet to incorporate full AD integration.

[morganlefay]

You can filter at the gateway...depending on what

some kind of windows server.

this is??

How do you get your mail??




MLF

[SirDice]

Morganlefay already hinted about this but filtering bad content (executables, viruses etc.) should be done before it actually reaches the client. So for web and email traffic I would suggest looking into proxy servers that can do content scanning. These can be used to filter out the filetypes you don't want.

And like d0ppy says, you can do a lot with group policies but probably not everything you want to do.