Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Hard_Configurator Tools
Hard_Configurator - Windows Hardening Configurator
Message
<blockquote data-quote="Andy Ful" data-source="post: 969759" data-attributes="member: 32260"><p>That was a misunderstanding. You probably had in mind my words:</p><p></p><p></p><p>I had in mind your possible setup (I explained my assumptions in the previous post):</p><ol> <li data-xf-list-type="ol">SUA protected by "local H_C".</li> <li data-xf-list-type="ol">Admin unrestricted.</li> </ol><p>[URL unfurl="false"]https://malwaretips.com/threads/hard_configurator-windows-hardening-configurator.66416/post-969687[/URL]</p><p></p><p>I compared this setup to the system-wide H_C (the same settings as for your local H_C but applied for all accounts). So, I logically concluded that on your Admin account the normal H_C is much stronger (compared to your unrestricted Admin). If I correctly understood you now, you thought about a different setup.</p><p></p><p>Generally, I do not fully understand how you applied the local restrictions. I understood that you use 2 accounts (Admin and SUA).</p><ol> <li data-xf-list-type="ol">Did you use local SRP, system-wide SRP, or also ACL permissions?</li> <li data-xf-list-type="ol">What are the concrete settings applied by local SRP or system-wide SRP?</li> <li data-xf-list-type="ol">What ACL permissions were used and for which groups?</li> <li data-xf-list-type="ol">Normally the users can have write access to all folders (except Windows, Program Files, and folders of other users in the C:\Users). Did you remove ACL execution permission for your SUA account in all these folders?</li> <li data-xf-list-type="ol">Did you remove ACL execution permission for some other groups (Everyone, Authenticated users, etc.) in these folders?</li> <li data-xf-list-type="ol">Did you remove ACL execution permission for your Admin account in some folders?<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite132" alt=":unsure:" title="Unsure :unsure:" loading="lazy" data-shortname=":unsure:" /></li> </ol><p>If you used ACL then this will not work for FAT32 USB drives.</p><p>ACL permissions can block only PE files (like EXE, COM, SCR) and BAT (CMD) scripts. Many files normally blocked by SRP are still allowed (Windows Script Host scripts, HTA, JAR, MSI, and many others).</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 969759, member: 32260"] That was a misunderstanding. You probably had in mind my words: I had in mind your possible setup (I explained my assumptions in the previous post): [LIST=1] [*]SUA protected by "local H_C". [*]Admin unrestricted. [/LIST] [URL unfurl="false"]https://malwaretips.com/threads/hard_configurator-windows-hardening-configurator.66416/post-969687[/URL] I compared this setup to the system-wide H_C (the same settings as for your local H_C but applied for all accounts). So, I logically concluded that on your Admin account the normal H_C is much stronger (compared to your unrestricted Admin). If I correctly understood you now, you thought about a different setup. Generally, I do not fully understand how you applied the local restrictions. I understood that you use 2 accounts (Admin and SUA). [LIST=1] [*]Did you use local SRP, system-wide SRP, or also ACL permissions? [*]What are the concrete settings applied by local SRP or system-wide SRP? [*]What ACL permissions were used and for which groups? [*]Normally the users can have write access to all folders (except Windows, Program Files, and folders of other users in the C:\Users). Did you remove ACL execution permission for your SUA account in all these folders? [*]Did you remove ACL execution permission for some other groups (Everyone, Authenticated users, etc.) in these folders? [*]Did you remove ACL execution permission for your Admin account in some folders?:unsure: [/LIST] If you used ACL then this will not work for FAT32 USB drives. ACL permissions can block only PE files (like EXE, COM, SCR) and BAT (CMD) scripts. Many files normally blocked by SRP are still allowed (Windows Script Host scripts, HTA, JAR, MSI, and many others). [/QUOTE]
Insert quotes…
Verification
Post reply
Top
