|
-
November 21st, 2011, 09:03 PM
#11
They aren't too hard to implement. I use software restrictions policies on the computer part of the GPO to block exes from %temp% %tmp% etc. This can cause some problems with installations, but you can always remove the restriction, run the install, and then add the restriction back.
The exe whitelisting is a bit more tedious. It is easy for a user to bypass, but it seems to prevent several malware infections. I haven't seen any users bypassing it, but that obviously doesn't mean that they aren't.  I use the 'Run only allowed Windows executables' on the user side of the GPO. You basically just build a list of allowed exe names.
Having users run without admin privs seems to be a key element in our stability. Sure, it means a bit more work for me, but it pays off in the long run.
\"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"
-HST
Similar Threads
-
By Goitz in forum Newbie Security Questions
Replies: 10
Last Post: April 19th, 2006, 11:02 PM
-
By deadfreeze in forum Spyware / Adware
Replies: 52
Last Post: September 1st, 2004, 05:23 PM
-
By netspyder in forum Spyware / Adware
Replies: 6
Last Post: May 9th, 2004, 07:03 AM
-
By AngelicKnight in forum Spyware / Adware
Replies: 11
Last Post: January 6th, 2004, 03:13 PM
-
By cutty in forum Newbie Security Questions
Replies: 9
Last Post: October 16th, 2003, 08:13 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote