How to hide vnc icon

Erik Soderquist esoderquist "at" mcstamp.com
Wed Nov 23 13:47:00 2005


I like the way you think. however at that point my audit trail flags
system tampering, sends a network alert to the IT department, and I now
have sufficient grounds and evidence to have you fired.

also, (and I don't yet know how to do this, I've only seen it) there is
a way to ban programs by some kind of checksum, so if I do have a case
of someone knowing enough to rename it to get past the blacklist, I can
do it by program "fingerprint".

as of yet, I have not had anyone rename a program to bypass the
blacklist, though it is something that is monitored for.

--- erik 

-----Original Message-----
From: James Weatherall [mailto:jnw "at" realvnc.com] 
Sent: Wednesday, November 23, 2005 08:35
To: Erik Soderquist; vnc-list "at" realvnc.com
Cc: soderquist.erik "at" gmail.com
Subject: RE: How to hide vnc icon

So I'd have to rename regedit.exe to something else in order to be able
to
modify the registry to bypass the restrictions there? ;)

Wez @ RealVNC Ltd.
 

> -----Original Message-----
> From: Erik Soderquist [mailto:esoderquist "at" mcstamp.com] 
> Sent: 23 November 2005 13:12
> To: vnc-list "at" realvnc.com
> Cc: soderquist.erik "at" gmail.com
> Subject: RE: How to hide vnc icon
> 
> therein lies the beauty of the domain policy's program blacklist... if
> you are a member of the "CAD Users" group, which has local 
> admin to the
> CAD machines, you are not permitted to run certain programs by domain
> policy, such as regedit.exe, services.msc, etc...
> 
> ;)
> 
> --- erik
> 
> -----Original Message-----
> From: James Weatherall [mailto:jnw "at" realvnc.com] 
> Sent: Wednesday, November 23, 2005 07:03
> To: 'Steve Bostedor'; Erik Soderquist; vnc-list "at" realvnc.com
> Cc: soderquist.erik "at" gmail.com
> Subject: RE: How to hide vnc icon
> 
> > How about setting permissions on the 
> > HKEY_LOCAL_MACHINE\SOFTWARE\orl and
> > related registry keys?  You can specify only a certain group 
> > (excluding
> > Administrators) to modify those keys.  That controls things 
> > much tighter
> > than the built-in VNC restrictions.
> 
> Except that Administrators can just take ownership and override the
> permissions you specified. :)
> 
> Cheers,
> 
> Wez @ RealVNC Ltd.