From Windows XP Security Technical Implementation Guide
Part of System File ACLs
Associated with IA controls: ECCD-2, ECCD-1
Failure to properly configure ACL file and directory permissions, allows the possibility of unauthorized and anonymous modification to the operating system and installed applications.
Maintain the default file ACLs, configure the Security Option: “Network access: Let everyone permissions apply to anonymous users” to “Disabled” (V-3377) and restrict the Power Users group to include no members. Configure permissions on the following so that only Administrators and System have Full (no other permissions assigned to other accounts or groups). \regedit.exe \System32\arp.exe \System32\at.exe \System32\attrib.exe \System32\cacls.exe \System32\debug.exe \System32\edlin.exe \System32\eventcreate.exe \System32\eventtriggers.exe \System32\ftp.exe \System32\nbtstat.exe \System32\net.exe \System32\net1.exe \System32\netsh.exe \System32\netstat.exe \System32\nslookup.exe \System32\ntbackup.exe \System32\rcp.exe \System32\reg.exe \System32\regedt32.exe \System32\regini.exe \System32\regsvr32.exe \System32\rexec.exe \System32\route.exe \System32\rsh.exe \System32\sc.exe \System32\secedit.exe \System32\subst.exe \System32\Systeminfo.exe \System32\telnet.exe \System32\tftp.exe \System32\tlntsvr.exe \System32\mshta.exe will have Users – Read and Execute in addition to the permissions above.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer