Open Source and information security mailing list archives
 
Message-ID: <e1ac655b0512070205m4a3ef01ay@mail.gmail.com>
Date: Wed Dec  7 11:24:23 2005
From: geofgeof at gmail.com (Geof)
Subject: Restricting access to SVCCTL named pipe on Windows

Hello,

I'm trying to restrict remote access to the Service Control Manager on a
Windows box in order to prevent a local admin from remotely managing the
services. Indeed, with such access, it's possible to restart services
that were disabled for security reasons, like remote registry access, or to
remotely install new services.
(See http://www.hsc.fr/ressources/articles/win_net_srv/ch04s07s09.html for
the available operations)

Using pipeaclui from BindView, I guess it's possible to define an ACL that
denies any access, but it is said that "Anytime a named pipe is restarted (or a
system reboot), the changes made using pipeaclui will be discarded and the
defaults of whatever started the named pipe will be used".
http://www.bindview.com/Services/RAZOR/Utilities/Windows/pipeacltools1_0.cfm


So, I'm wondering if someone knows how to definitively stop this feature.

Thanks,

Geof