Day 7 – Security
With great power comes great responsibility.—Stan Lee, The Amazing Spiderman
So far We have discussed simple general things which generally every scripting language supports, but as I stated ealier Powershell is comparable with “UNIX Shell Scripting” – which is also used for “system programming” ie. Interacting with system hardware /application. And handle it. Which is not easy and knowing or unknowingly making changes on the system parameter or system setting /information could cause system to crash or impact system performance. So Powershell can do almost everything in “Windows” including application which works on Operating system as well as hardware/ drivers and so on.
Microsoft operating system was build for desktop users so mostly it was used for general users who do not have any knowledge or very little knowledge of computers. But as Microsoft is moving to enterprise domain where it has to deal with big and very big environment they have to stand in the rase of other compateters like UNIX. So they have developed “Powershell”. Which in terns uses .Net framework language but it is very powerful and can do everything on windows.
So as the phrase stated “Powershell” is a very very powerful. So what all I will be discussing now on has to be little advance and need an extra attention and causious while doing.
Please do not directly run/execute any code provided in this blog…. WE are not responsible for any harm on you system due to this scripting.
This is general recommendation from me that – NEVER Ever run the script if you don’t know the impact of it.
AS discussed in earlier /initial blog I have mansion that with Powershell you can do anything. Like
>>Working with processes –> what if you stopped all the processes — you are fired.. you are gone J
>>Working with Services -> what if you stopped all the services – congrats same result —cool isint it.
>> working with AD -> SAME
>> working with Registery -> SAME
So knowing advance things are COOL but there minor mistake and you may looooose your job…. Hence I am starting this blog here so that you will be more careful while working on the above topics in next couple of blogs.
More on this… you may ask what Microsoft has taken as the security prospect.
POWERSHELL Provides four EXECUTION POLICIES as follows (the information is from get-help about_signing)
The PowerShell execution policies are:
Restricted
– Default execution policy.
– Permits individual commands, but scripts cannot run.
AllSigned
– Scripts can run.
– Requires a digital signature from a trusted publisher on all scripts
and configuration files, including scripts that you write on the
local computer.
– Prompts you before running scripts from trusted publishers.
– Risks running signed, but malicious, scripts.
RemoteSigned
– Scripts can run.
– Requires a digital signature from a trusted publisher on scripts and
configuration files that are downloaded from the Internet (including
e-mail and instant messaging programs).
– Does not require digital signatures on scripts run from the
local computer.
– Does not prompt you before running scripts from trusted publishers.
– Risks running signed, but malicious, scripts.
Unrestricted
– Unsigned scripts can run.
– Scripts and configuration files that are downloaded from the Internet
(including Microsoft Outlook, Outlook Express and Windows Messenger)
run after warning you that the file originated from the Internet.
– Risks running malicious scripts.
Will Discuss more on securities later blog.
Vinay Thakur 