Book Excerpt

Managing Windows with VBScript and WMI: Chapter 28, 'Scripting Security'

Managing Windows with VBScript and WMI Get a glimpse inside Don Jones' book "Managing Windows with VBScript and WMI" with this series of book excerpts. Below is an excerpt from Chapter 28, "Scripting Security." Click for the complete book excerpt series or purchase the book.



It's so simple for users to launch unauthorized scripts from e-mail attachments that many administrators disable scripting altogether. But you shouldn't avoid this administrative tool -- lock it down and reap the benefits instead.

Scripting has two primary security issues associated with it. First, the Windows Script Host (WSH) is included with just about every version of Windows since Windows 98. Second, WSH associates itself with a number of filename extensions, making it very easy for users to click an e-mail file attachment and launch unauthorized scripts. The knee-jerk reaction of many administrators is to simply disable scripting altogether, which also removes a beneficial administrative tool from the environment. This chapter focuses on ways to address the two primary security issues associated with scripting, which will help you configure a safer scripting environment.

Chapter 28 excerpts: 'Scripting Security'

To download the complete chapter, click for the .pdf.

Click here to return to the SearchWindowsSecurity.com Book Excerpts Library.

This was first published in April 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: