SoylentNews

upstart [soylentnews.org] writes:

████ # This file was generated bot-o-matically! Edit at your own risk. ████

upstart [soylentnews.org] writes:

Lockdown [d7xtech.com]:

Current version:  v1.1(released 2021-06-08)

Lockdown is a preventative measure for use against malware/ransomware attacks, which works by leveraging Windows Software Restriction Policies to prevent programs from running unexpectedly and from blocked locations.  Lockdown is designed in the opposite way that CryptoPrevent works with SRP, in that Lockdown by default blacklists the entire file system, and whitelisting must be applied to allow programs to run (even built-in Windows programs!)  Lockdown also goes a step further and restricts not only executables, but DLLs and other code libraries as well.

Lockdown may also be used simply to restrict a PC to running only certain applications, keeping your end users out of trouble.

Lockdown is designed for ADVANCED USERS ONLY, who should be somewhat familiar with Software Restriction Policies.  If you don’t understand anything regarding usage of the program, that isn’t you, and you should look to our  CryptoPrevent [d7xtech.com] instead for similar protections.

Usage:

When Lockdown is enabled, by default no executables will run except in whitelisted locations.  When enabled Lockdown will automatically whitelist the Windows directory (and all subdirs) as well as Program Files, the Lockdown directory itself, and all shortcuts will be allowed to run (although the file on the other end of the shortcut will be subject to SRP rules.)  Lockdown does not whitelist your downloads folder or desktop by default.

WARNING:  REMOVAL OF DEFAULT RULES CAN RENDER WINDOWS UNUSABLE.

WARNING:  REMOVAL OF DEFAULT RULES CAN RENDER WINDOWS UNUSABLE.

WARNING:  REMOVAL OF DEFAULT RULES CAN RENDER WINDOWS UNUSABLE.

That being said, you can remove default rules if you are prepared to add whitelist rules for the bare minimum of files listed at the bottom of this Microsoft article [microsoft.com].

Lockdown will need to be disabled for proper operation of some applications (or their program paths must be whitelisted.)  This will occur with any app that utilizes non-standard locations for it’s executables, such as anywhere in %appdata%.

After applying Lockdown settings (enabling/disabling or addition/removal of whitelist or blacklist items) you must log out or reboot the PC for the policies to definitely take effect; this is due to the way Group Policy works.

Lockdown has the following command line arguments for silent usage:

• /enable
• /disable
• /whitelist=[item]    — Add an item to the whitelist
• /-whitelist=[item]    — Remove an item from the whitelist
• /blacklist=[item]    — Add an item from the blacklist
• /-blacklist=[item]    — Remove an item from the blacklist
• /ImportWhitelist=[path\file]    — Import a whitelist from an exported file.
• /ImportBlacklist=[path\file]    — Import a blacklist from an exported file.
• /ExportWhitelist=[path\file]    — Export the current whitelist to file.
• /ExportBlacklist=[path\file]    — Export the current blacklist to file.
• gpupdate — Equivalent to running the Windows command gpupdate /force /wait:0 as it is used to refresh group policy, however as mentioned above, due to the way Windows operates it you will likely need to log out or reboot for changes to be applied fully.

Command line arguments can be applied and stacked on one command line, like this:

Lockdown.exe /enable /blacklist=syskey.exe /blacklist=vssadmin.exe /whitelist=%appdata%\ACME /gpupdate

Lockdown can be deployed as a single .exe file for command line usage, however the included Lockdown Resources directory is required for the graphical user interface mode.

Compatibility:

Lockdown is compatible with all versions of Windows from XP to 10, including Home editions which normally do not allow for Group Policy manipulation.  Lockdown is also compatible with anti-virus software of any type, however depending on the A/V you may need to apply whitelisting to the program’s folders if not in Program Files.

Lockdown is NOT compatible with CryptoPrevent [d7xtech.com] or any other implementation of Windows Software Restriction Policies (e.g. Group Policy).

License

Lockdown is free for personal usage, however support is not provided without purchase.  Commercial usage requires purchase.

Purchase for Commercial Usage Lockdown for Commercial UsageIncludes product support.Price: $99.00Which download is right for you?

Two downloads for Lockdown exist on this page, a ‘portable’ download which can be run without installation, and an ‘installer’ download which is to be installed on the system like a standard program (yes, it can also be uninstalled of course!)

Lockdown (installer) is best for most everyone who wishes to have an installer with uninstall support, start menu/shortcuts to launch the app, etc.

Downloaded 211 times

Lockdown (portable) is designed for deployment and usage by IT Professionals.

Downloaded 319 times

Original Submission