Hack Proofing Windows 2000 Server

Using Application Tools

Applications are a major issue when securing a computer. One of the jobs of an administrator is to provide a stable platform for end users and the network. One of the ways you can provide that stability is by using the Application Security tool (AppSec), with which you can control what applications users are allowed to run. Another responsibility administrators may have is to run applications on the server. Using the Applications As Services utility, you can configure applications to run as services. This gives you an immediate increase in security because now a user account doesn t have to be logged on for the application to run. Both of these tools are provided in the Windows 2000 Server Resource Kit.

Using the Application Security Tool

The Application Security tool allows administrators to restrict users to running a set list of applications. Properly executed, this tool will deny attempts to run programs that haven t been authorized. This tool works very well on Terminal Server, where everyone is logging into the same server. AppSec applies only to computers, not users.

The full path name is used to restrict the file. Only executable files are restricted, not DLLs. The executable file must have the correct name and be located in the correct location. If either of these isn t the case, the application will fail to run. This stops users from running the file from other locations (that is, copying the executable from a floppy to a different location on the...

UNLIMITED FREE
ACCESS
TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Category: Cluster Software and Tools
Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.