Ad
Related Topics
See all relatives topics
News

Sex domain name still a hot topic

Published on December 05, 2005

The fate of the proposed .xxx internet domain for sex sites, which has drawn fire from US conservative groups, remains in limbo, according to the head of the group that oversees the web domain system. Read more

Dutch firm wants end of dot com

Published on November 28, 2005

A technology company in Amsterdam has revived the debate about whether the ubiquity of the .com domain makes sense for the Web, or whether a wide array of other options would be better suited for countries, companies, and individuals. Read more

ICANN Approves Biggest Expansion To Internet Domain Name Space Yet

Published on June 27, 2008

Chicago (IL) - ICANN today approved a plan that removes virtually all limits from URL extensions, which are currently limited to 21 top level domains (257 including country codes). Read more

Users report Apple iMac video glitch

Published on February 10, 2006

Apple is following-up reports that its new Intel-based iMacs are experiencing video problems preventing the full display of some graphics. Read more

Latest Reviews & Articles
System Builder Marathon: Performance & Value

System Builder Marathon: Performance & Value

Published on October 31, 2008

Three dramatically different builds face off in a show of performance, defining the real value of each. Our mainstream system is designed to meet the needs of most users. Who should spend more and who can live with less? Read more

System Builder Marathon: $500 Gaming PC

System Builder Marathon: $500 Gaming PC

Published on October 30, 2008

For the second to last day of our System Builder Marathon series, we add a $500 gaming PC to the mix. It's not going to be as quick as our other two builds, but we think Paul was able to get some serious value from this thing. Read more

Tom's SBM: The $1,500 Mainstream PC

Tom's SBM: The $1,500 Mainstream PC

Published on October 29, 2008

We're following up yesterday's $4,500 behemoth with a more affordable $1,500 mid-range build. Let's see what sort of performance (and overclocking headroom) you can get when you spend one third of the money. Read more

System Builder Marathon: The $4,500 Super PC

System Builder Marathon: The $4,500 Super PC

Published on October 28, 2008

This month's System Builder Marathon spreads the system prices out even further to $4,500, $1,500, and $500. Is today’s $4,500 system really worth three times as much as an upper-mainstream performance machine? Read more

All the Reviews & Articles
Related Content
  Tom's Hardware Forums » Windows XP » Security Admin » Preventing PSTOOLS on domain/network
 

Preventing PSTOOLS on domain/network

Add a reply



Word :   Username :  
 
Bottom
Author
 Thread : Preventing PSTOOLS on domain/network
 
sirdistik
Profile: newbie
More Information
n°861462
04-10-2008 at 06:08:28 AM

Hi,

Does anyone have any experience with restricting PSTOOLS [ http://www.sysinternals.com ] from running on a windows network running Windows server 2003 ??

we have a few clever users here who are locking out and shutting other people's PC's down remotely.

The users DON"T have any administrator right but are still able to execute the programs. I'm hoping to "nip the problem in the bud" - so to speak, by trying to take away any access that's allowing them to do it.

Thanks in advance

Related Product

Register or log in to remove.
mafadecay
Profile: member
More Information
n°861470
04-11-2008 at 01:32:28 AM

Here are 2 links worth a read:

http://desktopengineer.com/msirestrictrun
http://www.tunexp.com/news/windows-story-834.html

Here are some ideas that might work.

1) Goto Local security policy.
Under local policies and user rights assignment check users for force shutdown from a remote system. Hopefully set to admins only.

2) Also remove users form the shutdown the system policy. Only have Admins and power users allowed. This will stop local shutdown of the system. (Might stop remote shutdown also not sure)

3) Under software restriction policies create an additional rule. New path rule. Disallow the path to psshutdown.exe from pstools store folder.

4) Same software restriction policy create a new hash rule for pstools psshutdown.exe and disallow (Also apply to any other command tools you want to deny access). Even deny cmd.exe and command.exe this will stop all command line access.

5) Before long they will learn other command line tools. You can remove the run command for starters. This will cut off one avenue for them easily opening a command line. Various ways to remove run command.

Just some ideas if nobody else can come up with anything.

sirdistik
Profile: newbie
More Information
n°861471
04-11-2008 at 03:41:24 AM

This thread doesn't exist?

sirdistik
Profile: newbie
More Information
n°861472
04-11-2008 at 03:45:39 AM

Thanks for the info Mafadecay. I was hoping more for restrictions on the access level if at all possible. So far I've taken all batch file execution and command line access off which prevents them from running those scripts but i'm not sure whether that will stop other types like VB, pl, etc..

I've heard about MS's shared computer toolkit before, and it looks like i'll have to start looking into it seriously this time.. thanks again.

Any other ideas from anyone would be much appreciated!


  Tom's Hardware Forums » Windows XP » Security Admin » Preventing PSTOOLS on domain/network

Go to:
Add a reply
 

Forum map
MyDiscussions.Net Forum, Version 2007.1
© 2000-2006 No1Dev
Page generated in 0.402 seconds
Google Ads