Solved

Executble acess on a blocked machine

Posted on 2013-05-23
3
205 Views
Last Modified: 2013-06-01
Hi ,

i need to block on a windows 7 machine all usb & media devices ,
and creat an exeption for a specific executable to run from a DiskOnKey device.
is there any way using GPO on this scenario ?
or any other way of getting the job done from the OS.


Thanks,
0
Comment
Question by:yeroslav
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 39193063
blocking is done at the device level. perhaps if you have the pci_env value for the device you may be able to allow it. The problem is that the DISKONKEY device is simply a USB drive and if you allow read/execution from a USB drive then ANY software on a Diskonkey drive will work. Can you not run this software from the network?
0
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 39193087
Possibly block specific vendor and product id and can check out this article belwo using usbdeview to surface more specific device info to help blocking or allowing. On top of that I was also thinking of applocker to allow execution of specific exe either through publisher or signature hash. ..

http://www.irongeek.com/i.php?page=security/plug-and-prey-malicious-usb-devices
0
 

Author Closing Comment

by:yeroslav
ID: 39213909
Thanks.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Are client relationship the only driver of a successful MSP? While important, client relationships are only one component. Learn how else MSPs can broaden their horizon and differentiate themselves.
IT certifications are a concrete representation of continual learning on the part of the candidate.  Continual learning is necessary for the long term success of an IT professional, but are IT certifications the right path for you?
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question