How disable dos (commands)

Posted on 2002-05-22
Medium Priority
Last Modified: 2010-04-11
How can be prevented the execution of the net send command on the NT4 workstations? Is it possible to use the policy editor on the server and where has it to be arranged?
Question by:preshoek
LVL 51

Accepted Solution

ahoffmann earned 100 total points
ID: 7028270
move the command to another directory, then change directory permissions with cacls.exe, or better xcacls.exe, as you like.
Keep in mind that logon scripts are executed wit the user's permissions, so it won't be usefull if you need net there.

BTW, net send does not work if there is no messaging service running (don't know the exact name, sorry)
LVL 23

Assisted Solution

by:Tim Holman
Tim Holman earned 100 total points
ID: 7028483
It's the messenger service.
Do users need to use the NET command from the cmd prompt ?  You could always remove NET.EXE
LVL 51

Expert Comment

ID: 7030469
> Do users need to use the NET command ..
probaly from within logon script to map other drives ..
LVL 24

Expert Comment

ID: 7055080
What do you need?
Similar to above comments, not knowing what is needed, simple answer can be

(1) Remove it's protocol
(2) Remove cable that runs from PC to the network

Part of answer depends on the users, their education, needs, and capabilities. Note there is a big difference between a casual user freshman just trying to get through class, and a person who always carries a pocketful of tools, such as boot disk with O/S and networking commands such as "Net".

Example: To use MS-Word to write a book, you need no cable or command like "net send", or policy, or login, until ready to share a proof copy with friends.

Expert Comment

ID: 9709187
Hey people,

No comment has been added in roughly 1 year, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question
be PAQ'd and pts be awarded to ahoffman and tim_homan.
Please leave any comments here within the next seven days.


EE Page Editor

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

It's not just another paperwork submission. Serious planning and rigour to managing the whole thought processes need to be put in place. The intent is not on drilling into the details, but to share tips in getting the first thing right to kick-start…
A basic introduction to Website Security and the absolute minimal steps that anyone should take in order to protect against hostile intrusions. This is offered as a guide to getting started, not an exhaustive list of all precautions. Enjoy...
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question