-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Why not just move Cmd.exe to a different place. Most of these website attacks will go after the default place because that is where most users have it. I know it is security through obscurity but it makes another hurdle / layer / hoop for the attacker to jump through.
All the best, Leon - -----Original Message----- From: Curious George [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 12, 2002 12:59 PM To: [EMAIL PROTECTED] Subject: Restricting cmd.exe access This is a slight off shoot of the scary site post. What are the potential ramifications of restricting "system" access to cmd.exe? My thought is with all the MS exploits that are gaining access via some service running in the system context, this would be a great way to mitigate the potential impact. Thoughts? I am also thinking, ok this is going to inhibit using the scheduler service under the system account to run local batches, as well as any stored procedure in SQL that accesses the command shell, but services could be run in another context and still have access to the command shell... Am I way off with this? Will this break something that I am just not seeing? TIA Curious. -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQA/AwUBPJDpddqAgf0xoaEuEQKXxwCgoNYByJMqDSapbmEoNjZC2Kv8ZzQAnRx5 yzSA1ULdq0m/p1hQW2iwyQPm =2H2Q -----END PGP SIGNATURE-----
