WDevSec 1.2
There are many ways to customize security of non-volatile objects (files, folders, services, registry keys etc.
|
There are many ways to customize security of non-volatile objects (files, folders, services, registry keys etc.) on Windows systems. However when it comes to volatile Windows kernel objects which are created mainly by drivers and services (allowing them to be contacted via these objects) and recreated every time the creator driver/process starts the situation is much worse.
There are some GUI tools (e.g. WinObj and WinObjEx) which can change access permissions (DACLs) of these objects, but tools for automated securing of them seem to be pretty rare. This is what WDevSec does.
WDevSec is a command line utility able to view and change access permissions (DACLs) on Windows kernel objects. It can be used with Task Scheduler or Group Policy startup scripts to automate execution of it and set appropriate access permissions on every system startup.
WDevSec can process devices, named pipes, files, sections, events, mutants (mutexes), semaphores, timers, event pairs, I/O completion ports, registry keys, directory objects, folders, symbolic links and other objects (including LPC ports) with /A option.
WDevSec can also run in background and automatically set DACLs when it receives device change notification or on specified time intervals.
With WDevSec comes with another utility - WDevList. This utility can list Windows kernel objects and (optionally) execute WDevSec on them. WDevList can be used in situations where several objects with similar names exist and they all need to be secured. WDevList can also provide bare listing as output for processing by other programs (such as batch scripts).
WDevSec uses SDDL strings containing only DACL. All account names in these strings are automatically turned to SIDs.
WDevSec may be a great solution to customize access to some Windows features as well as to third party software components. Almost every software which provides some kind of services to other programs accepts communication via some Windows kernel objects. Drivers normally create device objects, user mode software usually uses named pipes (objects in \??\PIPE\ device), Windows components often uses LPC ports.
tags kernel objects windows kernel access permissions can also lpc ports wdevlist can other programs some windows named pipes wdevsec can objects and these objects change access
Download WDevSec 1.2
Authors software
Similar software
WDevSec 1.2
Dâvis Moðenkovs
There are many ways to customize security of non-volatile objects (files, folders, services, registry keys etc.
AccessChk 1.03
Mark Russinovich
As a part of ensuring that they've created a secure environment Windows administrators often need to know what kind of accesses specific users or groups have to resources including files, directories, Registry keys, and Windows services.
Windows Service Finder 1.0
Enfis The Paladin
Windows Service Finder is a useful software utility for system administrators .
Change MDE Owner 1.0
Elian Soft
There is no way to change the owner of a database from MS Access menus and toolbars without importing all objects to a new database.
WMI Explorer 1.16
KS-Soft
WMI is an acronym for Windows Management Instrumentation.
ServiceView 1.3.903.8
S. Skomorohov A. Kyunov
Use this program and You get expanding control of the services.
Winobj 2.15
Mark Russinovich
WinObj is a must-have application if you are a system administrator concerned about security, a developer tracking down object-related problems, or just curious about the Object Manager namespace.
Spyware Browser 7
SILICOM INTERNET
Spyware Browser is a free and useful utility if your are an advanced user.
Diskmon 2.01
Mark Russinovich
DiskMon is an utility which logs and displays all hard disk activity on a Windows system.
Toolbarcop 3.4
Ramesh Srinivasan
Toolbarcop is a software application that can be used to eliminate malware toolbands, browser helper objects and toolbar icons in Internet Explorer.
Other software in this category
Nullsoft Beep 0.3
Nullsoft, Inc
Nullsoft Beep is an application that makes your computer sound like computers sound in the movies.
AR Soft RAM Disk 1.20
AR Soft
The AR RAM Disk is a freeware driver for Windows NT or Windows 2000.
DBX Plugin for Windows Commander Beta
Labs99
DBX Plugin is an additional component for Windows Commander allowing you to read contents of Microsoft Outlook Express files.
4th split 1.1.9.0
Sergey S. Tkachenko
4th split is used for splitting impossibly large files on blocks.
HDCopy 2.104
Kurt Zimmermann
HDCopy is recommended to make a boot disk.