Security Basics mailing list archives
Re: Patching internet facing MS systems
From: Ansgar -59cobalt- Wiechers <cobalt () planetcobalt net>
Date: Thu, 13 Mar 2008 19:47:48 +0100
On 2008-03-13 Dan Denton wrote:
Assuming the user doesn't have admin access, using group policies you can disable access to the connections tab in IE, or disable access to entire menus (tools, for instance). This also has the added advantage of blocking access to changing the user's home page and other functions.
Removing access to the GUI is pointless, because the users will still be able to change the settings in the Registry. You need to protect those settings instead, which can also be done via policies. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- Patching internet facing MS systems Dan Lynch (Mar 11)
- Re: Patching internet facing MS systems Ansgar -59cobalt- Wiechers (Mar 11)
- Re: Patching internet facing MS systems Josh Haft (Mar 11)
- Re: Patching internet facing MS systems Kurt Buff (Mar 11)
- RE: Patching internet facing MS systems Dan Lynch (Mar 13)
- Re: Patching internet facing MS systems Ansgar -59cobalt- Wiechers (Mar 13)
- RE: Patching internet facing MS systems Dan Lynch (Mar 13)
- RE: Patching internet facing MS systems Dan Denton (Mar 13)
- Re: Patching internet facing MS systems Ansgar -59cobalt- Wiechers (Mar 13)
- Re: Patching internet facing MS systems Ansgar -59cobalt- Wiechers (Mar 13)
- Re: Patching internet facing MS systems Ansgar -59cobalt- Wiechers (Mar 13)
- <Possible follow-ups>
- RE: Patching internet facing MS systems Rob McShinsky (Mar 11)
- Re: Patching internet facing MS systems evilwon (Mar 11)
- Re: Patching internet facing MS systems nobledark (Mar 13)