AppLocker will block applications from running based on the descriptor. You can block programs by publisher, path, version, file name, publisher description or even hash. This feature is only available in Windows 7 and Microsoft Windows Server 2008 R2. While it can be used on an active directory domain, I use local group policy. You [...]

Hash rules are rules created in group policy that analyze software. It considers the “footprint” of software to recognize it. This means that if the program is renamed, it will still be recognized. Renaming the software is an old trick used by people who write viruses. these hash rules in Group Policy can be used [...]

this tutorial shows how to block USB drives by local group policy. This GPO setting was first available on Windows Vista. I perform this on Windows 7. Group Policy objects are only available to the professional and ultimate versions of Windows 7. These flash drives, also called thumb drives, pose a security threat to many [...]

As Microsoft Windows Server has progressed over the years additional functionality has been incorporated into its domain controllers. The level at which a forest operates is its functional level. This means that if a Microsoft Windows Server 2008 is at a Server 2000 native functional level, it can only utilize the features that were available [...]

As Microsoft Windows Server has progressed over the years additional functionality has been incorporated into its domain controllers. The level at which a domain operates is its functional level. This means that if a Microsoft Windows Server 2008 is at a 2000 Server native functional level, it can only utilize the features that were available [...]

This is a video about auditing account logon events. It records successful and failed account log on events to a Microsoft Windows server 2008 domain. In an Active Directory environment, these events will be recorded to the domain controllers event viewer and must be viewed there. This feature is available on Server 2008, 2003, and [...]

A PSO is a password policy that is available in a Microsoft Windows Server 2008 Domain Controller. It is more granular than Active Directory group policy because it is applied to a particular user or group. Group Policy Objects (GPO) sre applied to an entire organizational unit (OU). You may try to apply several PSOs [...]

This is a short video about how to create password policies in a Server 2008 Active Directory domain. The policies are already configured, but this shows how to modify them. You can also use similar methods in Microsoft Windows Server 2003 and 2000 Server. Similar settings are also available in local group policy in an [...]

This is a video on how to audit object access on a Server 2008 domain controller (DC) and a client of the domain. I deny permission to a folder for a user and then view the record in the security log in event viewer. Remember that events are always recorded on the local machine. These [...]

This is a video about how to update software through group policy. In the last video, I installed Firefox 3.0, in this video I upgrade to Firefox 3.5. I use a a Microsoft installer (MSI) package and a GPO (group policy object) in an active directory domain (requires domain controller) to do this. This operation [...]

This is a video about how to install software through group policy. I install Firefox 3.0 through a MSI (Microsoft Installer Package) that is accessible through a local share. To do this it requires a GPO (group policy object) be applied on the domain (Server with active directory). You may assign the program to specific [...]

The Security Configuration Wizard is used to create security templates as XML documents. The SCWCMD command converts one into a group policy (GPO). I do this on Microsoft Windows Server 2008 but it is also available on Microsoft Windows Server 2003. Usually, you would use this on a domain controller or in an active directory [...]