Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Blocking Instant Messaging Applications

From: Murad Talukdar <talukdar_m () subway com>
Date: Tue, 22 Nov 2005 16:08:11 +1000
Hi Nick--do you use the hash of the binary because there's a way round it if
you just used the .exe name? So clever users can rename the file and be back
online?

Regards
Murad Talukdar

-----Original Message-----
From: Nick Duda [mailto:nduda () VistaPrint com] 
Sent: Tuesday, November 22, 2005 4:07 AM
To: Gaddis, Jeremy L.; security-basics () securityfocus com
Subject: RE: Blocking Instant Messaging Applications

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Some people will arguing how much this help, but it has helped us out a lot.

We use a GPO with a Software Restriction Policy. We then restrict all IM
programs via the hash of the binary. This can be hard to maintain because
each new or old version you need to obtain the hash of the binary. I'm still
in search for some master hash database. It works well for what its worth.
Combined with other measures it works out pretty good.

- - Nick
Previous By Date Next
Previous By Thread Next

Current thread: