Restricting the Command Line Could This Work ?

Found this trick on one of the Forums

anyway it suggest that you disable the CMD by adminstrative Right
to protect against hacking Could this work or it's just useless

 

You could always restrict permissions by right clicking on CMD, selecting properties and then selecting the security tab. From there you can Allow or Deny permissions for system and your user account. If you deny, you can always revert back to allow if you need to.

Or...

You can lock down CMD through group policy.

In theory, setting restrictions for CMD should deny access to attacks accessing CMD as well.

If you deny all permissions, CMD won't run at all. But you do have options here, you can also deny access in certain areas: Modify, Read & Execute, Read, Write

What version of Windows are you running?

 

Hi, yes definately

I have it blocked with ProcessGuard, but other HIPS etc should be able to also.



If i try to run it without temporally allowing it, i get this

 

Win7 x64

But it's good in defending against Metasploit Like attacks ?

the question Remain how to stop CMD

by Using Hips or group policy ?

isn't group policy bypassed by Escalations of Privileges ? if that then the Hips is better

Or using an anti executable is better ? or it will protect against those kind of attacks in the First Place

 

I can't speak for how well it works on Win7 or 64 bit, but on XP and older I block user mode access to command line via classic HIPS. With Win 7 and 64 bit restricting how much kernel access HIPS can have, the control might not be as complete. The only way to know for sure is to test it.