Printable View
Arg! This is not what I want Tiger! *cry*
I want to secure the NTFS permission. My password are secure, my guest is rename, my service are dead, my locally policy setting are done. The machine I want to secure is a Terminal Server where 15-20 peoples log on. They run all their software from the Terminal. I want to secure that Terminal by changing their NTFS permission on folder/program terminal user don't need that Windows install!
SDK: Sorry.... Don't cry. ;)
I was going through what I normally do to start on my Terminal Services Servers when I came across this little "feature"..... I just added it in.....
I'm just sad! Maybe I should change my mood to
Sad -- Searching NTFS Permission.
Software vendor never provide any info on the NTFS permission need to run their software and everything...
Have you taken a look at the NSA's guides to securing win2k?
They have specific documents for www.conxion.com/win2k/guides/w2k-18.pdf]securing a terminal services server [/URL] and plenty of other documents in regards to www.conxion.com/win2k/guides/w2k-8.pdf]file system resources[/URL]...
http://nsa2.www.conxion.com/win2k/download.htm
They even have the policies that you can apply..
Beware: Make sure to read the docs before you apply a policy...
Good stuff phishphreek80 but I'll give you a good example of what I want..
If you guy download the attachement and open AO.doc, you'll see exactly what I want. The info inside the document look incorrect to me but that exactly what I'm looking for.
Anyone got anything?
I got milk...
I also got a whole cooler full of beer!
But... I suppose thats not quite what you're looking for... ;)
Not really? I got a love?
Bump! I warn you! I'm gonna bump this thread over and over until... That probably the last time since getting information on NTFS permission for a software is more painful that *fill the cap with your worse nightmare, fear, etc etc*
Since everyone has thrown in everything but the kitchen sink, here is one more item to float in the puddle...
Go out and DL everyone2user. This tool sets a good baseline for locking down the rest of the box. It does precisely what the name implies. It will comb through the entire box and change the everyone NTFS permission to User. Once you do that, you can apply all the techniques here that you aren't looking for.
:)