Securing Scripts

Previous page
Table of content
Next page

Microsoft® Windows® 2000 Scripting Guide

microsoft windows 2000 scripting guide

« Previous | Next »   

Security is always a primary concern for system administrators; this is as true for scripts and scripting as it is for anything else. After all, no one wants a repeat of the ILOVEYOU virus, a script that, largely without warning, managed to wreak havoc worldwide.

WSH 5.6 includes a number of measures designed to guard against problems such as this. The ILOVEYOU virus succeeded not so much by exploiting a flaw in Windows Script Host as it did by exploiting a flaw in human nature: people are innately curious about anything that is given to them. Faced with the decision "Do you want to run this script?" and with no other information to go on, many people opted to run the script.

WSH 5.6 can help users make more intelligent choices. For example, when a user tries to run a script, WSH can be configured to display a dialog box that says, in effect, "We do not know who wrote this script, and we have no guarantee that it is safe to run. Are you sure you want to proceed?" Alternatively, system administrators can relieve users of the need to make choices at all. Instead, WSH can be configured so that users can only run scripts that have been pre-approved and digitally-signed.

This section of the chapter examines several techniques that can be used to enhance script security, including:

  • Signing scripts with digital signatures.
  • Restricting the ability of a user to run a script.
  • Disabling Windows Script Host.

Important

  • Security obviously applies to items other than scripts. It is true that hackers often use scripts to ply their trade, simply because these plain-text files are easy to write and easy to distribute. However, scripts are not the only security threat faced by system administrators; after all, executable files and batch files have been misused as well. The techniques discussed in this chapter can be a useful part of any security plan, but they are by no means an entire security plan in and of themselves.
send us your feedback Send us your feedback « Previous | Next »   

Previous page
Table of content
Next page
Microsoft Windows 2000 Scripting Guide(c) Automating System Administration 2003
Microsoft Windows 2000 Scripting Guide(c) Automating System Administration 2003
ISBN: N/A
EAN: N/A
Year: 2004
Pages: 635
BUY ON AMAZON
MySQL Stored Procedure Programming
Adobe After Effects 7.0 Studio Techniques
MySQL Cookbook
Google Maps Hacks: Tips & Tools for Geographic Searching and Remixing
Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
FileMaker 8 Functions and Scripts Desk Reference
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy