I like the way you think. however at that point my audit trail flags system tampering, sends a network alert to the IT department, and I now have sufficient grounds and evidence to have you fired.
also, (and I don't yet know how to do this, I've only seen it) there is a way to ban programs by some kind of checksum, so if I do have a case of someone knowing enough to rename it to get past the blacklist, I can do it by program "fingerprint". as of yet, I have not had anyone rename a program to bypass the blacklist, though it is something that is monitored for. --- erik -----Original Message----- From: James Weatherall [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 23, 2005 08:35 To: Erik Soderquist; [email protected] Cc: [EMAIL PROTECTED] Subject: RE: How to hide vnc icon So I'd have to rename regedit.exe to something else in order to be able to modify the registry to bypass the restrictions there? ;) Wez @ RealVNC Ltd. > -----Original Message----- > From: Erik Soderquist [mailto:[EMAIL PROTECTED] > Sent: 23 November 2005 13:12 > To: [email protected] > Cc: [EMAIL PROTECTED] > Subject: RE: How to hide vnc icon > > therein lies the beauty of the domain policy's program blacklist... if > you are a member of the "CAD Users" group, which has local > admin to the > CAD machines, you are not permitted to run certain programs by domain > policy, such as regedit.exe, services.msc, etc... > > ;) > > --- erik > > -----Original Message----- > From: James Weatherall [mailto:[EMAIL PROTECTED] > Sent: Wednesday, November 23, 2005 07:03 > To: 'Steve Bostedor'; Erik Soderquist; [email protected] > Cc: [EMAIL PROTECTED] > Subject: RE: How to hide vnc icon > > > How about setting permissions on the > > HKEY_LOCAL_MACHINE\SOFTWARE\orl and > > related registry keys? You can specify only a certain group > > (excluding > > Administrators) to modify those keys. That controls things > > much tighter > > than the built-in VNC restrictions. > > Except that Administrators can just take ownership and override the > permissions you specified. :) > > Cheers, > > Wez @ RealVNC Ltd. _______________________________________________ VNC-List mailing list [email protected] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
