?
Solved

Executble acess on a blocked machine

Posted on 2013-05-23
3
Medium Priority
?
212 Views
Last Modified: 2013-06-01
Hi ,

i need to block on a windows 7 machine all usb & media devices ,
and creat an exeption for a specific executable to run from a DiskOnKey device.
is there any way using GPO on this scenario ?
or any other way of getting the job done from the OS.


Thanks,
0
Comment
Question by:yeroslav
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 82

Expert Comment

by:David Johnson, CD, MVP
ID: 39193063
blocking is done at the device level. perhaps if you have the pci_env value for the device you may be able to allow it. The problem is that the DISKONKEY device is simply a USB drive and if you allow read/execution from a USB drive then ANY software on a Diskonkey drive will work. Can you not run this software from the network?
0
 
LVL 64

Accepted Solution

by:
btan earned 1500 total points
ID: 39193087
Possibly block specific vendor and product id and can check out this article belwo using usbdeview to surface more specific device info to help blocking or allowing. On top of that I was also thinking of applocker to allow execution of specific exe either through publisher or signature hash. ..

http://www.irongeek.com/i.php?page=security/plug-and-prey-malicious-usb-devices
0
 

Author Closing Comment

by:yeroslav
ID: 39213909
Thanks.
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Popular third-party chat platforms like Slack, Discord, and Telegram are just a few of the many new productivity applications that are being hijacked by cybercriminals to create command-and-control (C&C) communications infrastructures for their malw…
OnPage enhanced its integration with ConnectWise Manage to offer incident responders more control over the ticket and Incident Resolution Lifecycle.
In this fourth video of the Xpdf series, we discuss and demonstrate the PDFinfo utility, which retrieves the contents of a PDF's Info Dictionary, as well as some other information, including the page count. We show how to isolate the page count in a…
Progress

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question