Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Applocker - windows 7

  1. #1
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683

    Applocker - windows 7

    Was reading this article http://technet.microsoft.com/en-us/m...77windows.aspx and came to point 5.

    Will this spell the end of needing an AV on your system? You can lock-down any software application on your network.

    I am going to test this on my home computer ...

    Any thoughts.

    If you dont know what I am talking about , you can DL the tutorial from http://www.microsoft.com/downloads/d...displaylang=en
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  2. #2
    Keeping The Balance CybertecOne's Avatar
    Join Date
    Aug 2004
    Location
    Australia
    Posts
    660
    I havent read the article yet (I will though).

    The answer to your question is no, there will forever be a need and requirement for AV software.

    Why? Besides the fact that AppLocker does very little in protection, rather it restricts what the (already authenticated and installed by the user) software can do. You still need to prevent your computers and networks with firewalls and AV products to prevent unauthorised and malicious use of your assets as well as the chance of becoming a "zombie node"...... Really, on this point, which I continually and often re-enforce to clients I could go on and on and on and on.... and on


    CTO
    "Any intelligent fool can make things bigger and more complex... It takes a touch of genius --- and a lot of courage to move in the opposite direction."
    - Albert Einstein

  3. #3
    Keeping The Balance CybertecOne's Avatar
    Join Date
    Aug 2004
    Location
    Australia
    Posts
    660
    Use it to enhance or even replace your anti-virus software, ensuring that only the software you want to run will run.
    Bull***t

    Believe only half of what you see, and none of what you hear or read.
    "Any intelligent fool can make things bigger and more complex... It takes a touch of genius --- and a lot of courage to move in the opposite direction."
    - Albert Einstein

  4. #4
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    I thought reading was power and knowledge. Someone lied to me! /cutting up the libary card now.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  5. #5
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Quote Originally Posted by Cider View Post
    I thought reading was power and knowledge. Someone lied to me! /cutting up the libary card now.
    Reading isn't power; Reading is the electric cord, Power is the plug in ability to realize when something is bullshit.

    EDIT:

    The forever needing AV isn't totally correct; Windows has that need, but if you look at most Linux and BSD AV products, a lot of them only check for virii so you don't accidentally send one to someone running Windows. I can't remember which one has that as their product description, but it said that basically it checks for Windows virii and is merely a way to make sure you don't infect friends running Windows since they can't normally touch you anyway unless you're dumb enough to use Root for everything.
    Last edited by gore; October 15th, 2009 at 05:29 AM.

  6. #6
    Keeping The Balance CybertecOne's Avatar
    Join Date
    Aug 2004
    Location
    Australia
    Posts
    660
    Quote Originally Posted by gore
    The forever needing AV isn't totally correct; Windows has that need, but if you look at most Linux and BSD AV products, a lot of them only check for virii so you don't accidentally send one to someone running Windows. I can't remember which one has that as their product description, but it said that basically it checks for Windows virii and is merely a way to make sure you don't infect friends running Windows since they can't normally touch you anyway unless you're dumb enough to use Root for everything.
    Would the statement; "Linux & BSD OS' would be just as likely to be infected as windows providing that infections were written to attack said OS" ?

    Or are the Linux/BSD OS' naturally protected or shielded?

    I have no clue But until gore's comment I thought these OS's were simply less prone to attack as they are non-user friendly etc etc or "less popular" or simply there are just more Microsoft products in the world and they are much easier

    ?? Curious ??
    "Any intelligent fool can make things bigger and more complex... It takes a touch of genius --- and a lot of courage to move in the opposite direction."
    - Albert Einstein

  7. #7
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Quote Originally Posted by CybertecOne View Post
    Would the statement; "Linux & BSD OS' would be just as likely to be infected as windows providing that infections were written to attack said OS" ?

    Or are the Linux/BSD OS' naturally protected or shielded?

    I have no clue But until gore's comment I thought these OS's were simply less prone to attack as they are non-user friendly etc etc or "less popular" or simply there are just more Microsoft products in the world and they are much easier

    ?? Curious ??
    That's 50/50. Because they're only less popular on desktops:

    More than 60% of all Web Servers are running Apache, which, as you may have guessed, runs on Linux, BSD, and does run on Windows, but, most people running that are generally running it on Linux and BSD.

    So they already have a market share even bigger than Windows when it comes to servers. Some people used to say all the time "Well, if Linux / BSD were used as much as Windows, people would write virii for them!" well, Apple is aimed at the technical idiot and it's core is FreeBSD. Have you seen any Apple virii lately?

    It does have SOME truth that, if Linux and BSD were the same sized install base as Windows, yea, a lot more people would be trying to put virii on those machines, but, the truth that no one wants to admit to is that it's just not as easy.

    The last Worm for Linux? Spread around the net targeting RedHat Linux...hat was the payload? It PATCHED YOUR MACHINE FROM FURTHER INFECTION! lol.

    So yea I'm sure there would be more people TRYING to spread viruses on Linux and BSD, but Linux and BSD both make it a lot harder for it to happen.

    The non user friendly thing hasn't been true since like 2003 or so. Even then it wasn't true like it was in the late 1990s.

    Back then, yea, apparently Linux wasn't easy to use. I got my first computer in 1999, and a year later I had BSD and Linux both, and neither one was hard.

    When SUSE 8.1 Professional came out, I started using it and ONLY it on my boxes. The user friendly part was actually better than Windows XP.

    Burning a CD-ROM of an ISO in KDE on Linux, or BSD:

    Click on ISO file, have Writable CD in drive. It checks the MD5 Sum for you, without you havign to tell it too, and you click start, it burns, you're done.

    Windows? Navigate through 300 menus, make sure you set it to burn as an image so you don't have a useless Coffee Coaster after, and wait.

    SUSE and RedHat both also had hat Taskbar Security updates checker before XP did. Well sort of... The code was around then, but at least in SUSE 8.1, when I started using it, I wanted to get updates installed and was like "Well, I will go to the site and check for what I need to install" because I came from Windows and thought I had to install all these things one at a time, reboot, all that.

    I found out I didn't.... You know what I did to install updates? I clicked on the thing in the taskbar, typed root's password, and it grabbed ALL of them. And if there isn't a Kernel update, no reboot either.

    So not only could I install everything, I could also, with one mouse click, tell it "Just grab all updates for me and install them without bugging me" and it would!

    And no reboots!

    I was amazed how easy it was. And if you wanted to do it yourself, you could open YaST2, go to updates, and it showed you, in a nice GUI format, "Here are the security updates for you" and then "These ones aren't for security they are just bug fixes" and then "These ones here are new features, and new drivers we found for you" and install them....

    Even a new video driver update didn't need a reboot. You would just shut down X Windows, and load it again, and it worked!

    Shutting down X was no big deal; ALT+CTRL+BACKSPACE and it shut down and restarted X for you.

    I was amazed.

    So anyway, everything right now that isn't Windows, is somehow based on Unix. Linux, BSD, Apple's Mac OS X, all have something in common:

    They use BSD sources at their core. And there still aren't much for any viruses for these things.

    That means every illiterate Computer user who bought a Mac because they saw that Apple commercial about how they were easier than Windows, is running BSD on a super pretty GUI, without a virus. So in a way, they already have that market share that would make them popular enough to target, but in the Unix world, you have REAL user accounts.

    Remember Windows 95 and Windows 98? You could click on Cancel and get system access. NT, 2000 and Windows XP, have user accounts, and unlike those OSs, you actually have to set up a user account without root privs for yourself, which means you only use root to install stuff and do admin work, which today is so easy you rarely need to, because you can make a cron job to do almost everything for you without ever logging in as root.

    And FreeBSD has Jails and other means of making things run inside a little box that can't touch your system.

    If you aren't sure about a piece of software, run it in a jail, or somewhere like a sandbox, and it can't infect the box.

    And if you run something as a normal account, it can't infect the machine it's running on because a normal account has no root privs so it can't even look at system files.

    A user opens some exploit? Oh well, back up their files that aren't infected, make them a new account to move their crap to, and delete that account, boom, gone.

    I can go into more if you'd like me to, but I feel like I'm rambling on, so I'll stop here for now, but I'm happy to talk more lol.

  8. #8
    Keeping The Balance CybertecOne's Avatar
    Join Date
    Aug 2004
    Location
    Australia
    Posts
    660
    Nice post gore cheers on the insight

    CTO
    "Any intelligent fool can make things bigger and more complex... It takes a touch of genius --- and a lot of courage to move in the opposite direction."
    - Albert Einstein

  9. #9
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Thanks. I was half asleep trying to think "OK, you wrote a paper about this once but... Oh yea, you didn't ever publish it!... Hmm, how to explain" and then, in my half asleep way, I rambled on and on. I looked at it after that and read some of it thinking "Man, I'm rambling, I can just stop here so I don't end up with like 900 pages of crap and if they want more info, I'll go into detail later when I've slept" lol. I finally got to bed around 10:30 AM and I'm up again because tonight is "The Rocky Horror Picture Show" and since I've never been to it I have to go cause my Wife said so lol.

    NP: NOFX - Theme from a NOFX Album

  10. #10
    Keeping The Balance CybertecOne's Avatar
    Join Date
    Aug 2004
    Location
    Australia
    Posts
    660
    HAHA - Have fun! Ive never been to a Rocky Horror show but heard they are fantastic
    "Any intelligent fool can make things bigger and more complex... It takes a touch of genius --- and a lot of courage to move in the opposite direction."
    - Albert Einstein

Similar Threads

  1. Windows and lack of Email and Media clients
    By gore in forum Operating Systems
    Replies: 13
    Last Post: May 29th, 2009, 05:11 PM
  2. May 06 security patches
    By mohaughn in forum Microsoft Security Discussions
    Replies: 9
    Last Post: May 13th, 2006, 10:17 PM
  3. Replies: 6
    Last Post: October 5th, 2004, 08:26 AM
  4. Windows 2003 Server Vulnerability
    By warl0ck7 in forum Microsoft Security Discussions
    Replies: 7
    Last Post: August 14th, 2003, 12:23 PM
  5. OS History and other info.
    By Remote_Access_ in forum Security Archives
    Replies: 9
    Last Post: January 12th, 2002, 03:02 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •