Chapter 9: Stopping Unauthorized Execution

Previous page
Table of content
Next page

Overview

The holy grail of computer security is to prevent all unauthorized software, scripts, and instructions from running. Also known as a software restriction policy, the strategy is similar to the deny-by-default rule of firewalls, but on a desktop/application level. If appropriately configured and implemented, it would prevent all malware from executing locally and defeat most malicious exploits. Unfortunately, most of today's computing environments are exactly the opposite, or worse. By default, all software is allowed to run. And this is why we have the continuing magnitude of malware and hackers today.

Software restriction policies are known by many different terms, including white-listing, application control, and opt-in execution. Most end users are only vaguely familiar with the concept, using host-based firewalls, such as ZoneAlarm, that block unauthorized connections to the Internet. Conceptually, the goal is the same on all of these implementations — to prevent unauthorized software. This chapter discusses the overall issues behind preventing unauthorized software execution and then details the many ways a Windows administrator can accomplish it.


Previous page
Table of content
Next page
Professional Windows Desktop and Server Hardening
Professional Windows Desktop and Server Hardening (Programmer to Programmer)
ISBN: 0764599909
EAN: 2147483647
Year: 2004
Pages: 122
Authors: Roger A. Grimes
BUY ON AMAZON
Beginners Guide to DarkBASIC Game Programming (Premier Press Game Development)
OpenSSH: A Survival Guide for Secure Shell Handling (Version 1.0)
Lotus Notes and Domino 6 Development (2nd Edition)
SQL Hacks
The Complete Cisco VPN Configuration Guide
Telecommunications Essentials, Second Edition: The Complete Global Source (2nd Edition)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy