RE: Windows 2003 Server - MS Rulez?

Hash restrictions are only one of four new methods for restricting software. You can restrict by path (usually you would actually be *un*restricting by path when your default policy is a disallow), you can restrict by Internet zone, you can restrict by hash, and you can restrict by code signing. There's quite a bit more to it than I've listed here, but you may want to start here:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechn ol/winxppro/maintain/RstrPlcy.asp

And as far as whether or not there is a way around the hash, absolutely there is. Bring another version of the software to the machine. Its hash will be different. That's why hash rules would be better for *allowing* software under a disallow by default policy as opposed to *disallowing* under an allow by default policy.

Laura

> -----Original Message-----
> From: Street [mailto:streetseeker@mail.ru]

• Wireless LAN Policies for Security & Management - NEW White Paper *** Just like wired networks, wireless LANs require network security policies that are enforced to protect WLANs from known vulnerabilities and threats. Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.

To get your FREE white paper visit us at: http://www.securityfocus.com/AirDefense-focus-ms