Solved

Security Policies - restricting executable applications to signed only

Posted on 2006-07-17
3
211 Views
Last Modified: 2013-12-04
Im wondering if anyone could point me to documentation that would allow me to setup a security group policy that would restrict users in my active directory domain to executing only signed applications. I want to have implement something like the "Run Only Allowed Windows Application" rule except using authorization based on filename isnt acceptable. I want to use digital signatures as a means to restricting applications.

Tom
0
Comment
Question by:T0masz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 32

Accepted Solution

by:
rsivanandan earned 500 total points
ID: 17127547
0
 

Author Comment

by:T0masz
ID: 17128068
Thanks, its pretty much all I needed :)

Quick question, is there any way of using digital signatures to verify .exe applications? Im curious about the security of md5 hash application, I know that its rather impossible to create another application with the same hash(been proven that its possible to generate same data but very unlikely) Im curious how often is this used in larger network enviroments?
I was under the impression that transmitting authorized hash checksums over the network would subject this to man-in-the-middle atacks... vs using digital signatures.

Tom
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17128120
Basically I wouldn't worry about that. The fact about it can be reversed using a high end pc takes time and by then the data would be of no importance.

About using digital certificates again are fall in the same class :-)

Cheers,
Rajesh
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Recently, a new law in my state forced us to get a top-to-bottom analysis of all of our contract client's networks. While we have documentation, it was spotty at best for some - and in any event it needed to be checked against reality. That was m…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question