How do you do....it? Thread, Hiding executables in documents! in Technical; Ok, so we can prevent students running applications (you define what is considered an application) from their user areas/home drives/pen ...
30th June 2008, 03:42 PM #1
- Rep Power
Hiding executables in documents!
Ok, so we can prevent students running applications (you define what is considered an application) from their user areas/home drives/pen drives etc using a combination of Fileserver resource manager (2003 R2) and software restriction policies.
But how do you guys stop students executing applications they've embedded in word (and potentially any office application or any other OLE capable app) documents?
I figured the best way to do that was to identify where it launches from, and I find it points to docs & settings\username\local settings\temporary internet files\blah blah. So I figure I can use software restriction policies to restrict C:\Documents and Settings\.
This works.... however... applications with shortcuts in docs and settings\all users\start menu or even desktop for that matter won't launch now... Alrighty, so now we'll create another software restriction policy, this time 'unrestricted' for docs and settings\all users - well, that's great... right?
I admit I haven't tested many applications, however I do know of one application called InPage Urdu (some crazy app to type backards/in urdu) when launched appears to create/launch something in the users temp folder.
So, what I'm interested in is have any of you guys got any suggestions/tips for how you stop students accessing executables?
IDG Tech News
30th June 2008, 04:50 PM #2
I think you're going to find it very hard to do this :-(
The other approach is to basically whitelist apps which you do want to run - you can create a hash rule for each app you want to allow; this basically checks any file being run and makes sure that it matches the files you want to allow.
Downside of this is that it's hard work to set up - you have to create a hash for every executable (and I'm guessing that every time something get's patched that the rules need upating)
30th June 2008, 05:01 PM #3
- Rep Power
Thanks but I think I have it working now, it was easier than I expected.
I'm sure I will find out in the next few days if I've broken any other software with these policies. I have attached a screenie;
30th June 2008, 05:02 PM #4
Can you just use GP to turn macro security up?
Wouldnt that prevent it?
30th June 2008, 05:03 PM #5
I'm supprised A-Virus desent pick the documents up as a potential virus.
A diffrent approuch would be to target the people you know who are doing this and make an example out of them.
30th June 2008, 06:45 PM #6
I think this is always the best policy - you can spend your life trying to find technical solutions to what are actually people problems!
Originally Posted by PEO
One I can see with this is that if the kids work out what's going on, they'll just plug in a USB Hub with 4 USB memory sticks so that they get a "drive G:" etc. Not sure if this would be allowed (it's not explicitly blocked) but I *think* it is ...
30th June 2008, 07:03 PM #7
I think you'll find banning the embedded flash very hard it's been discussed in a few threads and the only way that really works is turning off vb support which also stops macros running.
30th June 2008, 08:03 PM #8
- Rep Power
I'm not too worried about embedded flash, they are taught to use flash unfortunately. Executables were all I was really worried about, it's something that's always bugged me tbh.
Currently students cannot access any pen drives, but I'm trying to do all I can to protect things in preperation for enabling pen drives again.
1st July 2008, 01:29 PM #9
One of my clever techs has written a nice little vb that loads automatically and scans through all the worksheets and deletes any flash games it finds - its not perfect, but its enough to stop most things.
Originally Posted by cookie_monster
1st July 2008, 01:34 PM #10
Ahem care to share it
Last Post: 12th July 2010, 12:36 PM
By markwilliamson2001 in forum Windows
Last Post: 9th March 2010, 09:51 AM
By binky in forum Virtual Learning Platforms
Last Post: 29th April 2008, 10:05 PM
By humpda in forum Windows
Last Post: 23rd September 2007, 04:04 PM
By Geoff in forum Windows
Last Post: 11th May 2007, 03:29 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)