词条 | AppLocker | ||||||||||||||||||||||||||||
释义 |
AppLocker is an application whitelisting technology introduced with Microsoft's Windows 7 operating system. It allows restricting which programs users can execute based on the program's path, publisher, or hash,[1] and in an enterprise can be configured via Group Policy. SummaryWindows AppLocker allows administrators to control which executable files are denied or allowed to execute. With AppLocker, administrators are able to create rules based on file names, publishers or file location that will allow certain files to execute. Unlike the earlier Software Restriction Policies, which was originally available for Windows XP and Windows Server 2003,[2] AppLocker rules can apply to individuals or groups. Policies are used to group users into different enforcement levels. For example, some users can be added to an 'audit' policy that will allow administrators to see the rule violations before moving that user to a higher enforcement level. AppLocker availability charts
Bypass TechniquesThere are several generic techniques for bypassing AppLocker:
References1. ^{{cite web|title=AppLocker|url=https://technet.microsoft.com/en-us/windows/applocker.aspx|work=Microsoft TechNet|publisher=Microsoft|accessdate=23 August 2012}} {{Windows Components}}2. ^{{cite web|title=Using Software Restriction Policies to Protect Against Unauthorized Software|url=https://technet.microsoft.com/en-us/library/bb457006.aspx|work=Microsoft TechNet|publisher=Microsoft|accessdate=27 July 2017}} 3. ^{{cite web | url=https://technet.microsoft.com/en-us/library/dd759131(v=ws.11).aspx| title=Windows Versions That Support AppLocker | publisher=Microsoft | accessdate=27 July 2017}} 4. ^{{cite web | url=http://blogs.windows.com/windows/b/business/archive/2012/04/18/introducing-windows-8-enterprise-and-enhanced-software-assurance-for-today-s-modern-workforce.aspx | title=Introducing Windows 8 Enterprise and Enhanced Software Assurance for Today’s Modern Workforce |work=Windows for your Business | publisher=Microsoft | date=18 April 2012 | accessdate=22 November 2012 |first=Erwin |last=Visser}} 5. ^{{cite web |url=http://www.neowin.net/news/microsoft-shows-oems-how-to-market-windows-10-talks-features-and-skus |title=Microsoft shows OEMs how to market Windows 10; talks features and SKUs |last1=Dudau |first1=Vlad |date=10 June 2015 |website=Neowin |publisher=Neowin LLC |access-date=19 June 2015}} 6. ^{{cite web |url=http://www.microsoft.com/en-us/WindowsForBusiness/Compare |title=Find out which Windows is right for you |website=Microsoft |publisher=Microsoft Inc |access-date=2 July 2015}} 7. ^{{cite web |url=https://pentestlab.blog/2017/05/08/applocker-bypass-installutil/|title=AppLocker Bypass – InstallUtil |website=Penetration Testing Lab |access-date=27 July 2017}} 8. ^{{cite web |url=https://evi1cg.me/archives/AppLocker_Bypass_Techniques.html|title=AppLocker Bypass Techniques |website= Evi1cg's blog|access-date=27 July 2017}} 9. ^{{cite web |url=http://www.hacking-tutorial.com/hacking-tutorial/how-to-bypass-windows-applocker/#sthash.LBeFrKx7.dpbs|title=How to Bypass Windows AppLocker|website= Hacking Tutorial|access-date=27 July 2017}} 10. ^{{cite web |url=https://insights.sei.cmu.edu/cert/2016/06/bypassing-application-whitelisting.html |title=Bypassing Application Whitelisting|website=CERT/CC Blog |access-date=27 July 2017}} 4 : Windows 7|Windows 8|Windows 10|Microsoft Windows security technology |
||||||||||||||||||||||||||||
随便看 |
|
开放百科全书收录14589846条英语、德语、日语等多语种百科知识,基本涵盖了大多数领域的百科知识,是一部内容自由、开放的电子版国际百科全书。