Archive for May, 2016

Prevent Other Users from Accessing Windows Apps with AppLocker

May 9th, 2016 by Admin

AppLocker is a built-in Windows feature that gives administrators granular control over which applications are allowed to execute and which are blocked for a Windows account. This feature is really useful if you share a computer and don’t want other users accessing certain applications.

Today we’ll walk you through how to create rules in AppLocker to prevent other users from accessing certain applications in Windows 10, 8 and 7.

How to Restrict Access to Programs with Windows AppLocker?

  1. Press Windows key + R to open the Run dialog box. Type gpedit.msc and press Enter.

  2. Under Local Group Policy Editor, navigate to:
    Computer Configuration -> Windows Settings -> Security Settings -> Application Control Policies -> AppLocker -> Executable Rules
  3. Right-click on Executable Rules in the left pane, and then select Create New Rule.

  4. Click Next to skip the Before You Begin screen. On the Permissions page, select Deny (select Allow instead if you want to restrict other users to running only the programs you specify).

    Click the Select button to choose the user or group you want the rule to apply to. When you’re done, click Next to reach the Conditions page.

  5. AppLocker rules can identify programs using the following conditions: Publisher, Path and File hash. The Publisher condition relies on the digital signature of the executable file.

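    Here we’ll choose File hash because AppLocker can still identify the program even if it’s renamed or moved. Note that a hash rule matches one exact build of the file, so it has to be recreated after the program is updated.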

  6. On the File Hash page, click Browse Files and find the executable file for the application to which you want this rule to apply, or click Browse Folders if you want the system to calculate a hash for all of the executable files in a folder. Click Next.

  7. Type a name for the rule that will make it easy for you to remember what it is, and then click on Create.

  8. When prompted to create the default rules, make sure you click Yes. This is to ensure that the rules you created don’t block operating system files from running.

  9. Now you will see three default rules and the new one you created.

    Restart your computer for the AppLocker rules to take effect. When you try to run the blocked application, you’ll receive an error: “This app has been blocked by group policy. For more information, please contact your system administrator.”

AppLocker Doesn’t Work?

Is AppLocker not blocking an application under either an admin account or a standard account, even though you set up the executable rule correctly? AppLocker relies on the built-in Application Identity service, which is set to the manual startup type by default. Administrators should configure the service to start automatically.

To get AppLocker working again, follow these steps to start the Application Identity service:

  1. Press Windows key + R to open the Run dialog box. Type services.msc and press Enter.

  2. Right-click on the Application Identity service, and select Properties.

  3. Set the Startup type to Automatic and click on the Start button to run the service.

  4. Click on Apply and then OK.
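
The same troubleshooting can be done from an elevated PowerShell prompt. The script below is an added example, not part of the original post: it checks the Application Identity service, asks AppLocker how the effective policy treats one file, and lists recent block events. `$TargetExe` and `$TestUser` are placeholder values to change for your system.

```powershell
# Added example: check why an AppLocker rule is not being enforced.
# Run from an elevated PowerShell prompt. The two values below are placeholders.
$TargetExe = 'C:\Program Files\ExampleApp\example.exe'   # hypothetical path
$TestUser  = 'Everyone'

# 1. AppLocker only evaluates rules while the Application Identity
#    service (AppIDSvc) is running.
$svc  = Get-Service -Name AppIDSvc
$mode = (Get-CimInstance -ClassName Win32_Service -Filter "Name='AppIDSvc'").StartMode
"AppIDSvc: status=$($svc.Status), startup=$mode"

if ($mode -ne 'Auto') {
    # On Windows 10 the service is protected and the Services console may
    # refuse the change; sc.exe is the supported way to set the startup type.
    sc.exe config AppIDSvc start= auto | Out-Null
}
if ($svc.Status -ne 'Running') {
    Start-Service -Name AppIDSvc
}

# 2. Ask AppLocker what the effective policy decides for this file and user.
#    PolicyDecision is Allowed, Denied or DeniedByDefault.
if (Test-Path -LiteralPath $TargetExe) {
    Get-AppLockerPolicy -Effective |
        Test-AppLockerPolicy -Path $TargetExe -User $TestUser |
        Format-List -Property FilePath, PolicyDecision, MatchingRule
} else {
    "Skipping policy test: $TargetExe does not exist."
}

# 3. Event ID 8004 in the AppLocker log records each blocked EXE or DLL.
Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-AppLocker/EXE and DLL'
        Id      = 8004
    } -MaxEvents 10 -ErrorAction SilentlyContinue |
    Select-Object -Property TimeCreated, Message |
    Format-List
```

If step 2 reports Denied but the program still starts, the service was most likely not running when the user logged on; if it reports Allowed, the matching rule shown is the one to review.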

How to Block An Application from Running in Windows 10

May 9th, 2016 by Admin

Whether you’re sharing a computer with other family members or friends at home, or securing computers in a corporate environment, there may be some situations where you need to block a user account from running a certain application.

In a previous post we explained a way to prevent a program from running using Group Policy. Here’s another way to block a certain application from running in Windows 10, by using a registry hack. This method works with all editions of Windows 10, 8 and 7.

How to Block An Application from Running in Windows 10?

  1. Hold down the Windows Key and press R to bring up the Run dialog box. Type regedit and press Enter.
  2. In the Registry Editor, navigate to the following key:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
  3. In the left pane, right-click on Policies, and then select New -> Key, type in Explorer and press Enter. If the Explorer key already exists, just skip this step.

  4. Select the Explorer key on the left pane. Right-click a blank area on the right side, select New -> DWORD (32-bit) Value.

  5. Rename the newly-created entry to DisallowRun, and set its value to 1.

  6. Right-click on the Explorer key on the left pane, and then select New -> Key, type in DisallowRun and press Enter.

  7. Select the DisallowRun key on the left pane. Right-click on an empty space and select New -> String Value.

  8. Name the new entry with the number 1 and set its value to the file name of the application (.exe) that you want to block. If you want to restrict more programs, simply create more String entries named 2, 3 and so on, and set each value to that program’s exe file name.

  9. Restart your computer and try to run the blocked applications. You’ll get the error message “This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator.”

I should mention that if the user is smart enough to rename the program file, they will be able to run the program again. If this method does not meet your needs, you can use Protect My Folders to deny access (read/modify/run/rename/copy/delete) to any application in Windows 10.
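
The registry steps above can also be scripted. The function below is an added example, not part of the original post; `Add-DisallowRunEntry` is a hypothetical helper name and `example.exe` is a placeholder. It appends to the existing numbered list instead of overwriting it, and stores only the file name, which is all this policy compares (the reason the rename caveat above applies).

```powershell
# Added example (not from the original post). Writes to HKCU, so it affects
# only the user who runs it. 'example.exe' below is a placeholder name.
function Add-DisallowRunEntry {
    param([Parameter(Mandatory = $true)][string[]]$ExeName)

    $explorer = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    $list     = "$explorer\DisallowRun"

    # Steps 3 and 6: create the Explorer key and its DisallowRun subkey if missing.
    foreach ($key in @($explorer, $list)) {
        if (-not (Test-Path -Path $key)) { New-Item -Path $key -Force | Out-Null }
    }

    # Steps 4-5: the DWORD DisallowRun = 1 switches the block list on.
    New-ItemProperty -Path $explorer -Name 'DisallowRun' -Value 1 `
        -PropertyType DWord -Force | Out-Null

    # Read the entries already present so nothing is overwritten or duplicated.
    $regKey   = Get-Item -Path $list
    $existing = @{}
    foreach ($name in $regKey.GetValueNames()) {
        $existing[$name] = [string]$regKey.GetValue($name)
    }

    # Steps 7-8: add each name under the next unused number (1, 2, 3, ...).
    $next = 1
    foreach ($exe in $ExeName) {
        $leaf = Split-Path -Path $exe -Leaf       # the policy matches file names only
        if ($existing.Values -contains $leaf) { continue }
        while ($existing.ContainsKey("$next")) { $next++ }
        New-ItemProperty -Path $list -Name "$next" -Value $leaf `
            -PropertyType String | Out-Null
        $existing["$next"] = $leaf
    }

    # Return the resulting list for review.
    $existing.GetEnumerator() | Sort-Object -Property Key |
        ForEach-Object { '{0} = {1}' -f $_.Key, $_.Value }
}

Add-DisallowRunEntry -ExeName 'example.exe'
```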

2 Ways to Configure Windows Firewall to Allow SQL Server Access

May 2nd, 2016 by Admin

By default, Windows Firewall doesn’t allow inbound / outbound requests for SQL Server. If you try to connect to a SQL Server instance from the network, you might get an error saying “The server was not found or was not accessible”. In this tutorial we’ll show you 2 ways to configure Windows Firewall to allow SQL Server access.

Method 1: Allow SQL Server Access Through Control Panel

  1. Open Control Panel in Large icons or Small icons view, click on Windows Firewall.

  2. Click the link “Allow a program or feature through Windows Firewall” on the left of window.

  3. You will now see a list with all the apps which are allowed to communicate through the Windows Firewall. To change the rules, you need to click the Change Settings button. The list of rules will no longer be gray and you will be able to edit it.

  4. Click the “Allow another program…” button.

  5. From the “Add a Program” window, click the Browse button.

  6. Navigate to the installation path for your SQL Server instance and select sqlservr.exe, and click Open. In my example, the location is C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe.

  7. You’ll be back at the “Add a Program” window and see that SQL Server has been added to the list. Click the Add button.

  8. SQL Server now appears in the list of Allowed programs and features. You can check any of the location types: private or public. When done, press OK.

Method 2: Allow SQL Server Access Through Command Prompt

  1. Open an elevated Command Prompt.
  2. You can run the netsh advfirewall command to open all ports for SQL Server connections. Assuming the path of your SQL Server service is C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe, copy and paste the following commands into the Command Prompt, pressing Enter after each.

    netsh advfirewall firewall add rule name="SQL Server TCP" protocol=tcp dir=in action=allow program="C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" enable=yes profile=any localip=any localport=any remoteip=any remoteport=any

    netsh advfirewall firewall add rule name="SQL Server UDP" protocol=udp dir=in action=allow program="C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" enable=yes profile=any localip=any localport=any remoteip=any remoteport=any

  3. When it’s done, you’ve successfully opened up all ports to allow SQL Server access through Windows Firewall.
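
The rules above accept connections from any address on every network profile. The script below is an added example, not part of the original post, showing a narrower variant of the TCP rule: same program, but limited to the Domain and Private profiles and to one client subnet. It assumes Windows 8 / Server 2012 or later (for the NetSecurity cmdlets); the subnet `192.168.10.0/24` and the rule name are constructed values.

```powershell
# Added example: scoped alternative to the "remoteip=any profile=any" rule.
# Run from an elevated PowerShell prompt.
$sqlExe   = 'C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe'  # path used in the article
$clients  = '192.168.10.0/24'           # constructed example: subnet of the SQL clients
$ruleName = 'SQL Server TCP (scoped)'   # constructed rule name

if (-not (Test-Path -LiteralPath $sqlExe)) {
    throw "sqlservr.exe not found at $sqlExe"
}

# Remove an earlier copy of this rule so re-running does not create duplicates.
Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue |
    Remove-NetFirewallRule

# Inbound TCP to sqlservr.exe only, from the client subnet only,
# and never on the Public profile.
New-NetFirewallRule -DisplayName $ruleName `
    -Direction Inbound -Action Allow -Protocol TCP `
    -Program $sqlExe -RemoteAddress $clients `
    -Profile Domain, Private | Out-Null

# Audit: list every enabled inbound allow rule for this program together with
# its scope, so leftover "Any" rules are easy to spot.
Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    ForEach-Object {
        $app = $_ | Get-NetFirewallApplicationFilter
        if ($app.Program -eq $sqlExe) {
            $addr = $_ | Get-NetFirewallAddressFilter
            [pscustomobject]@{
                Rule          = $_.DisplayName
                Profile       = $_.Profile
                RemoteAddress = $addr.RemoteAddress -join ','
            }
        }
    } | Format-Table -AutoSize
```

Any rule the audit lists with RemoteAddress `Any` still exposes the instance to every network the machine joins; disable or remove it once the scoped rule is confirmed to work.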