Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Do we actually need so many security programs?
Message
<blockquote data-quote="Andy Ful" data-source="post: 781054" data-attributes="member: 32260"><p>You can use SysHardener to:</p><ul> <li data-xf-list-type="ul">disable VBScript and JScript interpreters (wscript.exe and cscript.exe which can host JS, JSE, VBS, VBE, WSF, WSH files),</li> <li data-xf-list-type="ul">block PowerShell scripts execution from local drives,</li> <li data-xf-list-type="ul">block fileless PowerShell script execution (from remote locations) and other advanced functions via Constrained Language Mode.</li> </ul><p>But there are some other script Interpreters like JavaScript (mshta.exe for HTA files and hh.exe CHM files), etc. which cannot be disabled by the SysHardener ver. 1.5 (actual version). Furthermore, SysHardener does not allow whitelisting.</p><p></p><p>On Windows Pro (GPO or external configurator), one can use SRP and Windows policies to <strong>block any Interpreter</strong>. Windows Policies do not allow whitelisting, but SRP allows whitelisting VBScript, JScript, and also CMD scripts (BAT and CMD files). SRP has some advantage of compatibility and system stability, because it can block Interpreters started with medium rights and allow those started with higher rights (may be used sometimes by task scheduler).</p><p></p><p>When using OSArmor, the user can disable or restrict many Interpreters like VBScript, JScript, JavaScript, PowerShell, etc. OSArmor allow whitelisting the execution of the particular scripts by whitelisting (adding exclusions). Yet, some Interpreters are still allowed, like hh.exe (for CHM files).</p><p></p><p>There are some other options, like Excubits Bouncer driver, or Anti-Exe applications.</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 781054, member: 32260"] You can use SysHardener to: [LIST] [*]disable VBScript and JScript interpreters (wscript.exe and cscript.exe which can host JS, JSE, VBS, VBE, WSF, WSH files), [*]block PowerShell scripts execution from local drives, [*]block fileless PowerShell script execution (from remote locations) and other advanced functions via Constrained Language Mode. [/LIST] But there are some other script Interpreters like JavaScript (mshta.exe for HTA files and hh.exe CHM files), etc. which cannot be disabled by the SysHardener ver. 1.5 (actual version). Furthermore, SysHardener does not allow whitelisting. On Windows Pro (GPO or external configurator), one can use SRP and Windows policies to [B]block any Interpreter[/B]. Windows Policies do not allow whitelisting, but SRP allows whitelisting VBScript, JScript, and also CMD scripts (BAT and CMD files). SRP has some advantage of compatibility and system stability, because it can block Interpreters started with medium rights and allow those started with higher rights (may be used sometimes by task scheduler). When using OSArmor, the user can disable or restrict many Interpreters like VBScript, JScript, JavaScript, PowerShell, etc. OSArmor allow whitelisting the execution of the particular scripts by whitelisting (adding exclusions). Yet, some Interpreters are still allowed, like hh.exe (for CHM files). There are some other options, like Excubits Bouncer driver, or Anti-Exe applications. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
