+ Post New Thread
Results 1 to 6 of 6
Windows Server 2000/2003 Thread, software restriction policies path rule in Technical; I want to use software restriction policies path rule to block .exe running from the desktop, usb drives and network ...
  1. #1

    Join Date
    Mar 2010
    Posts
    8
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    software restriction policies path rule

    I want to use software restriction policies path rule to block .exe running from the desktop, usb drives and network areas. What paths do I need to use for this to work.

  2. #2

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,658
    Thank Post
    858
    Thanked 646 Times in 429 Posts
    Rep Power
    498
    there are different ways to block .exe's

    bad_file.exe -> blocks all instances of "bad_file.exe" running in any location
    path\to\file\*.exe -> blocks all exe files in the specified path (but doesn't drill down sub-folders IIRC) (eg: P:\folder\*.exe or \\server\share\folder\*.exe)
    %userprofile%\desktop\*.exe --> will block all exe's from running in the users desktop
    \\server\share\folder -> blocks everything lilsted in "Designated File Types" from that location

    USB drives are slightly more tricky as you cannot control the file structure so if you blocked <drive-letter>\*.exe - it would only block exes in the root folder - not the sub folders
    Also, unless you have USBDLM - then the USB Drive letters may vary!

    Would also recommend blocking via a hash rule - otherwise all they need to do is move the file or rename the file from "bad_file.exe" to "good_file.exe" to get round SRP
    Last edited by Gatt; 22nd March 2010 at 09:18 AM.

  3. #3

    Join Date
    Mar 2010
    Posts
    8
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by Gatt View Post
    there are different ways to block .exe's

    bad_file.exe -> blocks all instances of "bad_file.exe" running in any location
    path\to\file\*.exe -> blocks all exe files in the specified path (but doesn't drill down sub-folders IIRC) (eg: P:\folder\*.exe or \\server\share\folder\*.exe)
    %userprofile%\desktop\*.exe --> will block all exe's from running in the users desktop
    \\server\share\folder -> blocks everything lilsted in "Designated File Types" from that location

    USB drives are slightly more tricky as you cannot control the file structure so if you blocked <drive-letter>\*.exe - it would only block exes in the root folder - not the sub folders
    Also, unless you have USBDLM - then the USB Drive letters may vary!

    Would also recommend blocking via a hash rule - otherwise all they need to do is move the file or rename the file from "bad_file.exe" to "good_file.exe" to get round SRP
    Is it possiable to block .exe from running from a folder on the desktop.

  4. #4

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,658
    Thank Post
    858
    Thanked 646 Times in 429 Posts
    Rep Power
    498
    yes - so long as you know what that folder name is and that the name wont change

    So %userprofile%\desktop\folder\badfile.exe - would work
    BUT - if the user renames "folder" to "renamed" then the SRP will fail as it is looking for the path above..

  5. #5

    Join Date
    Mar 2010
    Posts
    8
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I don't know the name of the folder. Can a wild card be used.

  6. #6

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,658
    Thank Post
    858
    Thanked 646 Times in 429 Posts
    Rep Power
    498
    Not sure - been googling for that one but not seen any reference to wildcards other than for the filename...

SHARE:
+ Post New Thread

Similar Threads

  1. Software restriction policies
    By DMcCoy in forum Windows
    Replies: 0
    Last Post: 2nd November 2008, 08:38 PM
  2. Software Restriction Policies... AGAIN
    By azrael78 in forum Windows
    Replies: 9
    Last Post: 6th August 2008, 09:51 AM
  3. Software Restriction Policy (w2k3) - path question
    By indiegirl in forum How do you do....it?
    Replies: 5
    Last Post: 19th October 2006, 05:05 PM
  4. Software Restriction Policy (w2k3) - path question
    By indiegirl in forum How do you do....it?
    Replies: 0
    Last Post: 19th October 2006, 10:11 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •