Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Security Policies - restricting executable applications to signed only

Posted on 2006-07-17
3
Medium Priority
?
213 Views
Last Modified: 2013-12-04
Im wondering if anyone could point me to documentation that would allow me to setup a security group policy that would restrict users in my active directory domain to executing only signed applications. I want to have implement something like the "Run Only Allowed Windows Application" rule except using authorization based on filename isnt acceptable. I want to use digital signatures as a means to restricting applications.

Tom
0
Comment
Question by:T0masz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 32

Accepted Solution

by:
rsivanandan earned 2000 total points
ID: 17127547
0
 

Author Comment

by:T0masz
ID: 17128068
Thanks, its pretty much all I needed :)

Quick question, is there any way of using digital signatures to verify .exe applications? Im curious about the security of md5 hash application, I know that its rather impossible to create another application with the same hash(been proven that its possible to generate same data but very unlikely) Im curious how often is this used in larger network enviroments?
I was under the impression that transmitting authorized hash checksums over the network would subject this to man-in-the-middle atacks... vs using digital signatures.

Tom
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17128120
Basically I wouldn't worry about that. The fact about it can be reversed using a high end pc takes time and by then the data would be of no importance.

About using digital certificates again are fall in the same class :-)

Cheers,
Rajesh
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question