Educause Security Discussion mailing list archives
Re: What's wrong with application whitelisting?
From: Russell Fulton <r.fulton () AUCKLAND AC NZ>
Date: Wed, 7 Apr 2010 12:17:30 +1200
sent via Iron port test set up. Please report any oddities :) On 7/04/2010, at 12:55 AM, Brad Judy wrote:
Application “whitelisting” doesn’t have to be a long list, but it does tie into removing admin rights. If you use the native software restriction policies in Windows GPOs, you can simply allow all applications residing in C:\Windows\* and C:\Program Files\*, and allow link files from anywhere (for those shortcuts on the desktop and start menu). Naturally, if you have applications running from other locations, you’d have to add those paths too. While not as tightly locked down as hashes, it should be way easier to maintain and still address the core issues *if* users do not have admin rights.
Thanks Brad -- that is much fuller explanation. This is what we are looking at for our labs. In particular you should be able to stop things from running of USB drives not only will it slow down malware it will also slow down the gamers and folk running p2p filesharing of their usb drives that are against policy. Russell
Current thread:
- What's wrong with application whitelisting? Watkins, Lewis (Apr 05)
- <Possible follow-ups>
- Re: What's wrong with application whitelisting? Gibson, Nathan J. (HSC) (Apr 05)
- Re: What's wrong with application whitelisting? John Ladwig (Apr 05)
- Re: What's wrong with application whitelisting? Basgen, Brian (Apr 05)
- Re: What's wrong with application whitelisting? Joel Rosenblatt (Apr 05)
- Re: What's wrong with application whitelisting? Russell Fulton (Apr 05)
- Re: What's wrong with application whitelisting? Eric Case (Apr 05)
- Re: What's wrong with application whitelisting? Brad Judy (Apr 06)
- Re: What's wrong with application whitelisting? Howe, Joe (Apr 06)
- Re: What's wrong with application whitelisting? Calcutt, Andrew (Apr 06)
- Re: What's wrong with application whitelisting? Russell Fulton (Apr 06)
- Re: What's wrong with application whitelisting? Jimi Schwar (Apr 07)
- Re: What's wrong with application whitelisting? Watkins, Lewis (Apr 20)
- Re: What's wrong with application whitelisting? Gene Spafford (Apr 20)
- Re: What's wrong with application whitelisting? Leo Song (May 13)
- Re: What's wrong with application whitelisting? Everett, Alex D (May 13)