General GP Concepts
.. GPMC
.. Create/Edit GPOs
.. Targeting GPOs
.. Applying GPOs
.. Developer Issues
Extensions
.. Admin Templates
.... Windows Firewall
.... Internet Explorer
.. Security Policy
.. Software Installation
.. IE Maintenance
.. Scripts
Policy Exceptions
.. Loopback
.. Enforce/Block
.. Slow Links
.. WMI Filters
Reference
.. Third Party Products
.. KB Articles
.. Community
tipsandtricks |
Block known Malware sites in IE through Group Policy
Group Policy provides the option of uploading IE Security and Privacy settings into a policy which can be deployed accross a Domain. An application named SpywareBlaster can be used to populate the "Restricted Sites" zone in IE on a local computer with a current list of known Malware sites. A user can then create a new policy and use GPMC to upload the local zone information into that policy. The subkey to navigate to is User config\ Windows Settings\ Internet Explorer Maintenance\ Security. Choose "Security Zones and Content Rating" and choose to "import the current security zones and privacy settings". This may take a while.
You now have a policy which populates the "Restricted Sites" zone with known Malware sites on any machine or Domain to which you apply the policy.
Tip: It is recommended that the machine you install SpywareBlaster on be an XP SP2 machine.
Last Modified 6/16/05 1:05 PM