Turn off Bypass parameter

This topic contains 4 replies, has 3 voices, and was last updated by  Curtis Smith 2 weeks, 2 days ago.

  • #83587

    Wei-Yen Tan
    Participant

    Hi,

    I work for an outsourcing company. We are trying to introduce PowerShell Remoting and punch holes through the appliance firewalls in between different subnets.

    However, there is one major requirement. That is, they want to be absolutely sure that the scripts that are running on it have a signed certificate. The concern that they have is that people can use Bypass to get past that. Is there any way that we can remove that?

    They will be locking down Domain admins.

    Any help will be appreciated.

  • #83591

    Don Jones
    Keymaster

    What do you mean “remove that?”

    Like, what's the scenario you envision someone running Set-ExecutionPolicy Bypass under? On their local machines, or while connected to a remoting endpoint?

    You say “...the scripts that are running on it...” – what is “it,” specifically?

  • #83597

    Wei-Yen Tan
    Participant

    Thanks Don for replying. Let's say they create a scheduled task to say 'powershell.exe -bypass ...' Our client's security team are saying that they don't want to turn on remoting if the bypass option. I thought about using the GPO to set it.
    When I say 'it' I mean the remote endpoints. Not the local machines.

  • #83606

    Wei-Yen Tan
    Participant

    Come to think of it... the powershell.exe -bypass is a bit of a moot point. I'll come back to them and suggest GPO. Thanks Don.

  • #83629

    Curtis Smith
    Participant

    Hi Wei-Yen,
    There are lots of ways to "bypass" execution policy that do not involve using the -bypass parameter. In the end, execution policy is not there to be a security mechanism to protect you against rogue admins that will not follow the corporate policy.

    Good article for reference: https://blog.netspi.com/15-ways-to-bypass-the-powershell-execution-policy/
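
The following PowerShell is an added example, not code posted by anyone in this thread. Run on a remoting endpoint, it lists the execution policy at each scope to confirm a Group Policy value is in force, flags scheduled tasks whose action passes -ExecutionPolicy Bypass to PowerShell, and reports scripts without a valid signature. The `$ScriptRoot` path is an assumption.

```powershell
# Added example: audit a remoting endpoint. Not code from the thread.
param(
    # Assumption: folder holding the scripts that are required to be signed.
    [string]$ScriptRoot = 'C:\Scripts'
)

# 1. Execution policy at every scope. A value in MachinePolicy or UserPolicy
#    comes from Group Policy and takes precedence over the Process scope,
#    which is where "powershell.exe -ExecutionPolicy ..." is applied.
$scopes = Get-ExecutionPolicy -List
$scopes | Format-Table Scope, ExecutionPolicy -AutoSize

$fromGpo = $scopes | Where-Object {
    $_.Scope -like '*Policy' -and $_.ExecutionPolicy -ne 'Undefined'
}
if (-not $fromGpo) {
    Write-Warning 'No Group Policy execution policy is set on this machine.'
}

# 2. Scheduled tasks whose action starts PowerShell with the command-line
#    form discussed in the thread (-ExecutionPolicy, or its abbreviations
#    such as -ex / -ep). Only this one form is matched.
$flag = '(?i)-(ex\w*|ep)\s+bypass'
Get-ScheduledTask | ForEach-Object {
    foreach ($action in $_.Actions) {
        if ($action.Execute -match '(?i)powershell|pwsh' -and
            $action.Arguments -match $flag) {
            [pscustomobject]@{
                Task      = $_.TaskPath + $_.TaskName
                Execute   = $action.Execute
                Arguments = $action.Arguments
            }
        }
    }
} | Format-Table -AutoSize -Wrap

# 3. Scripts under $ScriptRoot whose Authenticode signature is not Valid
#    (unsigned, tampered after signing, or signed by an untrusted publisher).
if (Test-Path $ScriptRoot) {
    Get-ChildItem -Path $ScriptRoot -Recurse -Include *.ps1, *.psm1 -File |
        ForEach-Object { Get-AuthenticodeSignature -FilePath $_.FullName } |
        Where-Object Status -ne 'Valid' |
        Select-Object Path, Status, StatusMessage
}
```

An empty result from step 2 only means no task uses that one command-line form; it does not show that execution policy cannot be sidestepped in other ways.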
