PaulDotCom mailing list archives
Blocking Unwanted programing from installing
From: digitallachance at gmail.com (Francois Lachance)
Date: Mon, 5 Apr 2010 14:21:49 -0600
That will not prevent users from installing things like Google Chrome. My users do not have local admin but yet they can install Chrome. That's because Chrome is a per-user install and will put all of it's files in the user's profile. I would do a quick Google search for application whitelisting to do what you are trying to do. Bit9 sells such a product. On Mon, Apr 5, 2010 at 6:07 AM, Butturini, Russell < Russell.Butturini at healthways.com> wrote:
That's just something that's inherent to Windows. Users who aren't members of the local administrators group aren't allowed to write to those directories. -----Original Message----- From: pauldotcom-bounces at mail.pauldotcom.com [mailto: pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Sherwyn Sent: Sunday, April 04, 2010 8:19 PM To: Bugbear; PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] Blocking Unwanted programing from installing The users are none admin users. The odd thing is if one of those users log into a Windows 7 box the are blocked from installing application, but are allowed too on a windows XP machine. I can look into using GPO to block windows installer but in terms of stopping them from writing to key folders are you referring to NTFS permission or is this done via GPO? Thanks. Infolookup www.infolookup.blogspot.com www.twitter.com/infolookup -----Original Message----- From: Bugbear <gbugbear at gmail.com> Date: Sun, 4 Apr 2010 17:24:36 To: PaulDotCom Security Weekly Mailing List<pauldotcom at mail.pauldotcom.com>; infolookup at gmail.com<infolookup at gmail.com> Subject: Re: [Pauldotcom] Blocking Unwanted programing from installing Agree 100% On 4/4/10, Butturini, Russell <Russell.Butturini at healthways.com> wrote:In 2003 environments you can set group policy to disable the windows installer on workstations. However this won't knock out third party installation packagers. The best thing to do is strip local admin rights from the users and prevent them from writing files to key directories (program files, system32, etc.) ----- Original Message ----- From: Sherwyn <infolookup at gmail.com> To: Butturini, Russell; 'pauldotcom at mail.pauldotcom.com' <pauldotcom at mail.pauldotcom.com> Sent: Sun Apr 04 12:15:19 2010 Subject: Re: [Pauldotcom] Blocking Unwanted programing from installing The are running 2003. Thanks. Infolookup www.infolookup.blogspot.com www.twitter.com/infolookup -----Original Message----- From: "Butturini, Russell" <Russell.Butturini at Healthways.com> Date: Sun, 4 Apr 2010 10:57:15 To: 'infolookup at gmail.com'<infolookup at gmail.com>; 'pauldotcom at mail.pauldotcom.com'<pauldotcom at mail.pauldotcom.com> Subject: Re: [Pauldotcom] Blocking Unwanted programing from installing What version of SBS are you dealing with? 2003 or 2008? You have somemorecapabilities in 2008 than 2003 for this sort of thing, ----- Original Message ----- From: pauldotcom-bounces at mail.pauldotcom.com <pauldotcom-bounces at mail.pauldotcom.com> To: PaulDotCom Security Weekly Mailing List <pauldotcom at mail.pauldotcom.com>Sent: Sat Apr 03 20:34:27 2010 Subject: [Pauldotcom] Blocking Unwanted programing from installing Hello PDC Guru's, I am task with locking down a Microsoft SBS environment. The goal is to allow all currently installed application to be able to run but stop the installation of any new application (limewire, AOL messenger etc). I am aware that I can use a Run only list or software restriction "path rule", but since both of these can be very time consuming if the usershaslots of application installed. Is there anyway to just allow all currently installed aops run access but block installation of new apps for a set of users? Thank you in advance. Infolookup www.infolookup.blogspot.com www.twitter.com/infolookup _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com******************************************************************************This email contains confidential and proprietary information and is nottobe used or disclosed to anyone other than the named recipient of thisemail,and is to be used only for the intended purpose of this communication.************************************************************************************************************************************************************This email contains confidential and proprietary information and is nottobe used or disclosed to anyone other than the named recipient of thisemail,and is to be used only for the intended purpose of this communication.******************************************************************************_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- Sent from my mobile device _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com ****************************************************************************** This email contains confidential and proprietary information and is not to be used or disclosed to anyone other than the named recipient of this email, and is to be used only for the intended purpose of this communication. ****************************************************************************** _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100405/96f81be8/attachment.htm
Current thread:
- Blocking Unwanted programing from installing Sherwyn (Apr 03)
- Blocking Unwanted programing from installing Butturini, Russell (Apr 04)
- Blocking Unwanted programing from installing Sherwyn (Apr 04)
- Blocking Unwanted programing from installing Butturini, Russell (Apr 04)
- Blocking Unwanted programing from installing Bugbear (Apr 04)
- Blocking Unwanted programing from installing Sherwyn (Apr 04)
- Blocking Unwanted programing from installing Butturini, Russell (Apr 05)
- Blocking Unwanted programing from installing Francois Lachance (Apr 05)
- Blocking Unwanted programing from installing Sherwyn (Apr 05)
- Blocking Unwanted programing from installing Sherwyn (Apr 04)
- Blocking Unwanted programing from installing Butturini, Russell (Apr 04)
- Blocking Unwanted programing from installing Jody & Jennifer McCluggage (Apr 04)
- Blocking Unwanted programing from installing Aaron Moss (Apr 04)