Solved

Security Policies - restricting executable applications to signed only

Posted on 2006-07-17
3
210 Views
Last Modified: 2013-12-04
Im wondering if anyone could point me to documentation that would allow me to setup a security group policy that would restrict users in my active directory domain to executing only signed applications. I want to have implement something like the "Run Only Allowed Windows Application" rule except using authorization based on filename isnt acceptable. I want to use digital signatures as a means to restricting applications.

Tom
0
Comment
Question by:T0masz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 32

Accepted Solution

by:
rsivanandan earned 500 total points
ID: 17127547
0
 

Author Comment

by:T0masz
ID: 17128068
Thanks, its pretty much all I needed :)

Quick question, is there any way of using digital signatures to verify .exe applications? Im curious about the security of md5 hash application, I know that its rather impossible to create another application with the same hash(been proven that its possible to generate same data but very unlikely) Im curious how often is this used in larger network enviroments?
I was under the impression that transmitting authorized hash checksums over the network would subject this to man-in-the-middle atacks... vs using digital signatures.

Tom
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17128120
Basically I wouldn't worry about that. The fact about it can be reversed using a high end pc takes time and by then the data would be of no importance.

About using digital certificates again are fall in the same class :-)

Cheers,
Rajesh
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows Master Password 11 62
Monitoring software... 2 73
About proetction-security my RDP,Something free and eficient ? 3 88
Rensome / malware protection 9 71
As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question