Hash rule on Windows 2000 doesnt work

  • Thread starter Thread starter gotmespinnin
  • Start date Start date
G

gotmespinnin

Hi

I created a GPO to block windows games on my network, I used
hash rule to deny access to games even if users change the path or
rename the exe file. This works well on XP pcs but doesnt work on
Windows 2000 clients. Unfortunately majority of my users are on Windows
2000. Is there any other way to stop my users playing sol.exe or
spider.exe?
 
Howdy gotmespinnin!
I created a GPO to block windows games on my network, I used
hash rule to deny access to games even if users change the path or
rename the exe file. This works well on XP pcs but doesnt work on
Windows 2000 clients. Unfortunately majority of my users are on Windows
2000. Is there any other way to stop my users playing sol.exe or
spider.exe?
Click to expand...

Where did you apply the rule from? Remember: The hash, that will be
created for spider.exe on Windows XP differs from the hash, that
spider.exe will create on Windows 2000. So you will have to create two
hash rules. One with the hash of spider.exe from Windows 2000 and one
with the hash from Windows XP.

cheers,

Florian
 
Actually, I suspect he's referring to Software Restriction policy hash rules
and in that case, there is no support for Software Restriction Policy on
Win2k (and actually the hash value should be the same regardless of the
OS--that is the purpose of a hash). So, unfortunately the only way to block
certain executables on Win2k is to use the Admin. Template restriction at
User Configuration\Administrative Templates\System\Don't run specified
Windows applications. However, note that that does not prevent renaming and
running of an app, unfortunately.

--
Darren Mar-Elia
MS-MVP-Windows Server--Group Policy
Check out http://www.gpoguy.com -- The Windows Group Policy Information Hub:
FAQs, Whitepapers and Utilities for all things Group Policy-related
And, the Windows Group Policy Guide is out from Microsoft Press!!! Check it
out at http://www.microsoft.com/mspress/books/8763.asp
GPOGUY Blog: http://blogs.dirteam.com/blogs/gpoguy
 
Howdy Darren!
Actually, I suspect he's referring to Software Restriction policy hash rules
and in that case, there is no support for Software Restriction Policy on
Win2k
Click to expand...

Aahhr, right. I forgot that. There's no CSE for SRP in Windows 2000...
(and actually the hash value should be the same regardless of the
OS--that is the purpose of a hash).
Click to expand...

Well, I'm not that sure about that. As long as the OS and the service
pack level is the same, you're right. But what if the file I block via
SRP hash rule gets replaced by another file through a service pack? I
thought the hash is partly built from the file size?

cheers,

Florian
 
But what if the file I block via SRP hash rule gets replaced by another
file through a service pack? I thought the hash is partly built from the
file size?
Click to expand...

I think we're saying the same thing. The hash value is unique to the file,
based on a number of factors, including its size. This is true across OS
versions because the hashing algorithm is independent of stuff like OS
version, but yes, if you have a hash rule on a *system* file, and that file
gets updated, for whatever reason, then the hash values will change.

--
Darren Mar-Elia
MS-MVP-Windows Server--Group Policy
Check out http://www.gpoguy.com -- The Windows Group Policy Information Hub:
FAQs, Whitepapers and Utilities for all things Group Policy-related
And, the Windows Group Policy Guide is out from Microsoft Press!!! Check it
out at http://www.microsoft.com/mspress/books/8763.asp
GPOGUY Blog: http://blogs.dirteam.com/blogs/gpoguy
 
OK, hash rule doesnt work with W2K..my only other option is to create a
file sized based rule..for e.g. spider.exe is 526 KB..is it possible to
create a rule that restricts files based on size..because file size
will be the same no matter what they rename it to..
 
aahh..win2k does not support hash rules.. :(

is it possible to create a policy that will deny access to any exe file
of size 56KB?
 
Back
Top