[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-disclosure] bypassing Windows Domain Group Policy Objects

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: RE: [Full-disclosure] bypassing Windows Domain Group Policy Objects
From: "Neil Hunt" <Neil.Hunt@xxxxxxxxxxxxxxx>
Date: Fri, 28 Apr 2006 08:51:14 +0800

Michael Holstein said:
> >
> > Other possible solution, cripple gpupdate.exe (XP) or 
> secedit.exe (2K) 
> > through permissions (eg: remove 'localsystem:execute'). 
> Deleting them will 
> > just trigger WFP to replace.
> >
> > /mike.
> >
Exibar said:
> 
> 
>    Hmmmm.....  sounds like a good plan :-)   I'll test that 
> out!   thanks!
> 
>   Ex 
> 

This does indeed work, but, if the site is using WSUS or similar, then
the machine will stick out like a sore thumb.  The windows admin here,
however, doesn't monitor WSUS, so that fact that my machine hasn't
reported in 90 days hasn't registered.

Neil

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects
  - From: KF (lists)

Prev by Date: Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability
Next by Date: Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects
Previous by thread: [Full-disclosure] [USN-275-1] Mozilla vulnerabilities
Next by thread: Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects
Index(es):
- Date
- Thread