+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
Windows Thread, Portable Apps! in Technical; These are fast becoming a huge nightmare! I'm trying as much as I can to grab them off student USB ...
  1. #1
    Zoom7000's Avatar
    Join Date
    Feb 2006
    Location
    London
    Posts
    992
    Thank Post
    348
    Thanked 93 Times in 62 Posts
    Rep Power
    34

    Portable Apps!

    These are fast becoming a huge nightmare! I'm trying as much as I can to grab them off student USB flash drives and apply hash blocks in Active Directory and apply block policies using AB Tutor. However, there are newer versions coming out all the time. Also, some stuff you can't apply AB Tutor policies to. E.g. Microsoft Office Word 2007 in the title bar just appears as Microsoft Word. Can't block that because we want them to run Word, just not off their pen drive!

    Other interesting stuff I found was:
    UltraSurf - Gets the current proxy address settings on the PC. Tries to bypass
    WLM Lite - Portable Windows Live Messenger.
    Deskspace - Really cool application that allows you to have 4 independant desktops. You can switch desktops by a custom key press in a cube like effect and the open windows from the other desktops disappear until you activate them again. Actually really cool! lol

    Then the usual suspects - Portable Kaspersky, Portable Adobe CS3, Portable Nero, Portable LimeWire, Portable utorrent, the list goes on!

    I even found a portable version of AB Tutor. I've emailed that off to Andy at AB Consulting for further investigation.

    I have USBDLM assigning Flash Drives as K: L: and M: repectively, can I block all .exe, .bat .cmd .vbs etc running at all from flash drives?

  2. #2

    powdarrmonkey's Avatar
    Join Date
    Feb 2008
    Location
    Alcester, Warwickshire
    Posts
    4,867
    Thank Post
    412
    Thanked 778 Times in 651 Posts
    Rep Power
    182
    Yes, with path rules. Details have been posted before.

  3. #3


    Join Date
    Oct 2006
    Posts
    3,414
    Thank Post
    184
    Thanked 356 Times in 285 Posts
    Rep Power
    149
    Quote Originally Posted by Zoom7000 View Post
    I have USBDLM assigning Flash Drives as K: L: and M: repectively, can I block all .exe, .bat .cmd .vbs etc running at all from flash drives?

    Yes, do a search its been covered many a time

  4. #4
    KarlGoddard's Avatar
    Join Date
    Jul 2005
    Location
    Bolton, Lancashire
    Posts
    272
    Thank Post
    37
    Thanked 18 Times in 18 Posts
    Rep Power
    26
    Software restriction policies are your friend!

    We started using them around 18 months ago and noticed the difference almost immediately.

    We had one or two minor problems with the odd 'legit' app that got blocked but a quick tweak here and there and it worked like a dream ever since

    http://technet.microsoft.com/en-us/l.../bb457006.aspx

    http://support.microsoft.com/kb/324036

    HTH

  5. #5
    projector1's Avatar
    Join Date
    Nov 2005
    Posts
    461
    Thank Post
    70
    Thanked 1 Time in 1 Post
    Rep Power
    19
    is it my machine or is the "thanks" link missing from this thread?

  6. #6

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,772
    Thank Post
    1,308
    Thanked 804 Times in 698 Posts
    Rep Power
    246
    Quote Originally Posted by Zoom7000 View Post
    WLM Lite - Portable Windows Live Messenger
    I've bet one of our prep school pupils she can't get this working in the prep school IT room. She seemed quite enthusiastic about the challenge. I don't think she quite appreciates that our prep IT room runs Edubuntu-based thin clients, but I figure she will by the time she's finished...

    --
    David Hicks

  7. #7
    Zoom7000's Avatar
    Join Date
    Feb 2006
    Location
    London
    Posts
    992
    Thank Post
    348
    Thanked 93 Times in 62 Posts
    Rep Power
    34
    I've had a search and found the technique of using software restriction, in my case...

    K:\*.exe
    K:\*\*.exe
    K:\*\*\*.exe

    However, the K:*.exe won't work, so I have to keep doing the \*\*\*.exe technique, but this is not fool proof.

    Is there a way to block it on all subfolders too?

  8. #8

    TechMonkey's Avatar
    Join Date
    Dec 2005
    Location
    South East
    Posts
    3,336
    Thank Post
    227
    Thanked 433 Times in 315 Posts
    Rep Power
    172
    Quote Originally Posted by Zoom7000 View Post
    I've had a search and found the technique of using software restriction, in my case...

    K:\*.exe
    K:\*\*.exe
    K:\*\*\*.exe

    However, the K:*.exe won't work, so I have to keep doing the \*\*\*.exe technique, but this is not fool proof.

    Is there a way to block it on all subfolders too?
    Can you not just ban K:\* ?

  9. #9

    Join Date
    Nov 2006
    Location
    Liskeard,Cornwall
    Posts
    36
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    We block everything by default and only allow programs to run from known locations (Program Files, windows folder, etc).

  10. #10
    ajbritton's Avatar
    Join Date
    Jul 2005
    Location
    Wandsworth
    Posts
    1,632
    Thank Post
    23
    Thanked 75 Times in 45 Posts
    Rep Power
    35
    Agree with Mark B. Best bet is to start with a blanket ban on everything and just allow what you need. On the basis that PCs are locked down, it is safe to allow execution from Windows and Program Files. If necessary add rules to allow execution from network locations.

  11. #11

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,374
    Thank Post
    906
    Thanked 1,811 Times in 1,559 Posts
    Blog Entries
    12
    Rep Power
    468
    We don't tend to have this problem, we get alot of flash games in excel files.
    Last edited by Ric_; 13th March 2008 at 09:26 AM. Reason: snip!

  12. #12
    KarlGoddard's Avatar
    Join Date
    Jul 2005
    Location
    Bolton, Lancashire
    Posts
    272
    Thank Post
    37
    Thanked 18 Times in 18 Posts
    Rep Power
    26
    Quote Originally Posted by FN-Greatermanchester View Post
    We don't tend to have this problem, we get alot of flash games in excel files.
    use strings.exe from sysinternals to search within *.xls for '.swf'

    this finds any embedded swf's quite nicely!
    Last edited by KarlGoddard; 13th March 2008 at 09:46 AM. Reason: spelling

  13. Thanks to KarlGoddard from:

    Alis_Klar (10th May 2010)

  14. #13
    Zoom7000's Avatar
    Join Date
    Feb 2006
    Location
    London
    Posts
    992
    Thank Post
    348
    Thanked 93 Times in 62 Posts
    Rep Power
    34
    Quote Originally Posted by MarkB View Post
    We block everything by default and only allow programs to run from known locations (Program Files, windows folder, etc).
    Sorry to bring this thread back from the depths of thread doom, however, I was trying this method of blocking *.exe files with the default settings of Program Files, SystemDrive, SystemRoot etc being unrestricted. But, disabling *.exe seems to overide the unrestricted settings. So, is there any simple way of blocking .exe files from anywhere other than those locations?

  15. #14
    User3204's Avatar
    Join Date
    Aug 2006
    Location
    Wirral
    Posts
    769
    Thank Post
    55
    Thanked 66 Times in 62 Posts
    Rep Power
    35
    We have blocks for everything except, stuff like:
    c:\program files\*\*
    c:\windows\*
    \\server\netlogon\*
    \\server\applics\*\*
    g:\*\* [mapped to \\server\applics\]

    &c &c, I have done the c:\folder1\*\* as I understood this to mean I can allow to run from c:\folder1\folder2\file.exe, but not from c:\folder1\file.exe, but I'm not completely positive this works.

  16. #15
    Zoom7000's Avatar
    Join Date
    Feb 2006
    Location
    London
    Posts
    992
    Thank Post
    348
    Thanked 93 Times in 62 Posts
    Rep Power
    34
    Quote Originally Posted by User3204 View Post
    We have blocks for everything except, stuff like:
    c:\program files\*\*
    c:\windows\*
    \\server\netlogon\*
    \\server\applics\*\*
    g:\*\* [mapped to \\server\applics\]

    &c &c, I have done the c:\folder1\*\* as I understood this to mean I can allow to run from c:\folder1\folder2\file.exe, but not from c:\folder1\file.exe, but I'm not completely positive this works.
    I tried %ProgramFiles%\* however, when I log in and try to run programs (e.g. Word) it still says the program is restricted by software restriction policy.

    What method can I use to run ALL files from %ProgramFiles% not just ones specified in a folder structure.



SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. PORTABLE STORAGE WITHOUT PC
    By david12345 in forum Hardware
    Replies: 8
    Last Post: 12th November 2007, 11:18 PM
  2. Replies: 25
    Last Post: 22nd October 2007, 10:07 AM
  3. Portable Apps
    By Heebeejeebee in forum Downloads
    Replies: 1
    Last Post: 25th November 2006, 11:06 PM
  4. Portable Apps
    By pcprofessor in forum General Chat
    Replies: 5
    Last Post: 20th March 2006, 12:06 AM
  5. Portable wireless laptops and trolleys
    By alexknight in forum Hardware
    Replies: 14
    Last Post: 17th November 2005, 04:26 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •