Mick, Do you want to stop them installing apps or from executing apps already on a workstation like cmd.exe? If its the latter then what you're looking for is Microsoft Software Restriction Policies (SRP's) http://technet.microsoft.com/en-us/library/bb457006.aspx.
You can specify MD5 or SHA1. See clip: "A hash rule is a cryptographic fingerprint that uniquely identifies a file regardless of where it is accessed or what it is named. An administrator may not want users to run a particular version of a program. This may be the case if the program has security or privacy bugs, or compromises system stability. With a hash rule, software can be renamed or moved into another location on a disk, but it will still match the hash rule because the rule is based on a cryptographic calculation involving file contents. A hash rule consists of three pieces of data, separated by colons: MD5 or SHA-1 hash value File length Hash algorithm ID" Just so that this is balanced, HP sell a product called Appsense. Personally after seeing both I'd go with option 1. Regards, k41zen On 20 Mar 2010, at 03:20, Michael Douglas wrote: > I'm having a google fail moment... > > Is there a tool that will examine the md5/sha1 checksums of files and > report if they're on a blacklist? Does such a thing exist for Windows > Domains in enterprise sized environments? > > For instance, say you want to stop someone from installing autocad (no > idea why I picked this... just first non-malware software example that > popped in my head) on a workstation. You wouldn't use AV to prevent > it from being installed... > > What tool would be the way to go about doing this? SMS/WSUS/whatever > it's called now mainly uses filename as the ID right? > > > Thanks for helping a *nix guy learn his way in a Windows world > - Mick > > "Help me Obi-Wan Kenobi, you're my only hope" > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
