Actually, thinking about this more in the shower, you could use Microsoft's SRP's to disable msi's or even flip this on its head a turn it into a whitelist of files and file types that users are allowed to execute and by definition denying them the ability to install.
Oh, did I mention that SRP's were FREE and built into XP and newer!?! On 20 Mar 2010, at 03:20, Michael Douglas wrote: > I'm having a google fail moment... > > Is there a tool that will examine the md5/sha1 checksums of files and > report if they're on a blacklist? Does such a thing exist for Windows > Domains in enterprise sized environments? > > For instance, say you want to stop someone from installing autocad (no > idea why I picked this... just first non-malware software example that > popped in my head) on a workstation. You wouldn't use AV to prevent > it from being installed... > > What tool would be the way to go about doing this? SMS/WSUS/whatever > it's called now mainly uses filename as the ID right? > > > Thanks for helping a *nix guy learn his way in a Windows world > - Mick > > "Help me Obi-Wan Kenobi, you're my only hope" > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
