+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
Windows Thread, Portable Apps! in Technical; These are fast becoming a huge nightmare! I'm trying as much as I can to grab them off student USB ...
  1. #1
    Zoom7000's Avatar
    Join Date
    Feb 2006
    Location
    London
    Posts
    924
    Thank Post
    303
    Thanked 79 Times in 52 Posts
    Rep Power
    32

    Portable Apps!

    These are fast becoming a huge nightmare! I'm trying as much as I can to grab them off student USB flash drives and apply hash blocks in Active Directory and apply block policies using AB Tutor. However, there are newer versions coming out all the time. Also, some stuff you can't apply AB Tutor policies to. E.g. Microsoft Office Word 2007 in the title bar just appears as Microsoft Word. Can't block that because we want them to run Word, just not off their pen drive!

    Other interesting stuff I found was:
    UltraSurf - Gets the current proxy address settings on the PC. Tries to bypass
    WLM Lite - Portable Windows Live Messenger.
    Deskspace - Really cool application that allows you to have 4 independant desktops. You can switch desktops by a custom key press in a cube like effect and the open windows from the other desktops disappear until you activate them again. Actually really cool! lol

    Then the usual suspects - Portable Kaspersky, Portable Adobe CS3, Portable Nero, Portable LimeWire, Portable utorrent, the list goes on!

    I even found a portable version of AB Tutor. I've emailed that off to Andy at AB Consulting for further investigation.

    I have USBDLM assigning Flash Drives as K: L: and M: repectively, can I block all .exe, .bat .cmd .vbs etc running at all from flash drives?

  2. #2

    powdarrmonkey's Avatar
    Join Date
    Feb 2008
    Location
    Alcester, Warwickshire
    Posts
    4,859
    Thank Post
    412
    Thanked 777 Times in 650 Posts
    Rep Power
    182
    Yes, with path rules. Details have been posted before.

  3. #3


    Join Date
    Oct 2006
    Posts
    3,411
    Thank Post
    184
    Thanked 356 Times in 285 Posts
    Rep Power
    148
    Quote Originally Posted by Zoom7000 View Post
    I have USBDLM assigning Flash Drives as K: L: and M: repectively, can I block all .exe, .bat .cmd .vbs etc running at all from flash drives?

    Yes, do a search its been covered many a time

  4. #4
    KarlGoddard's Avatar
    Join Date
    Jul 2005
    Location
    Bolton, Lancashire
    Posts
    271
    Thank Post
    37
    Thanked 18 Times in 18 Posts
    Rep Power
    25
    Software restriction policies are your friend!

    We started using them around 18 months ago and noticed the difference almost immediately.

    We had one or two minor problems with the odd 'legit' app that got blocked but a quick tweak here and there and it worked like a dream ever since

    http://technet.microsoft.com/en-us/l.../bb457006.aspx

    http://support.microsoft.com/kb/324036

    HTH

  5. #5
    projector1's Avatar
    Join Date
    Nov 2005
    Posts
    460
    Thank Post
    70
    Thanked 1 Time in 1 Post
    Rep Power
    18
    is it my machine or is the "thanks" link missing from this thread?

  6. #6

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,611
    Thank Post
    1,226
    Thanked 772 Times in 670 Posts
    Rep Power
    234
    Quote Originally Posted by Zoom7000 View Post
    WLM Lite - Portable Windows Live Messenger
    I've bet one of our prep school pupils she can't get this working in the prep school IT room. She seemed quite enthusiastic about the challenge. I don't think she quite appreciates that our prep IT room runs Edubuntu-based thin clients, but I figure she will by the time she's finished...

    --
    David Hicks

  7. #7
    Zoom7000's Avatar
    Join Date
    Feb 2006
    Location
    London
    Posts
    924
    Thank Post
    303
    Thanked 79 Times in 52 Posts
    Rep Power
    32
    I've had a search and found the technique of using software restriction, in my case...

    K:\*.exe
    K:\*\*.exe
    K:\*\*\*.exe

    However, the K:*.exe won't work, so I have to keep doing the \*\*\*.exe technique, but this is not fool proof.

    Is there a way to block it on all subfolders too?

  8. #8

    TechMonkey's Avatar
    Join Date
    Dec 2005
    Location
    South East
    Posts
    3,282
    Thank Post
    225
    Thanked 403 Times in 300 Posts
    Rep Power
    161
    Quote Originally Posted by Zoom7000 View Post
    I've had a search and found the technique of using software restriction, in my case...

    K:\*.exe
    K:\*\*.exe
    K:\*\*\*.exe

    However, the K:*.exe won't work, so I have to keep doing the \*\*\*.exe technique, but this is not fool proof.

    Is there a way to block it on all subfolders too?
    Can you not just ban K:\* ?

  9. #9

    Join Date
    Nov 2006
    Location
    Liskeard,Cornwall
    Posts
    36
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    We block everything by default and only allow programs to run from known locations (Program Files, windows folder, etc).

  10. #10
    ajbritton's Avatar
    Join Date
    Jul 2005
    Location
    Wandsworth
    Posts
    1,632
    Thank Post
    23
    Thanked 75 Times in 45 Posts
    Rep Power
    34
    Agree with Mark B. Best bet is to start with a blanket ban on everything and just allow what you need. On the basis that PCs are locked down, it is safe to allow execution from Windows and Program Files. If necessary add rules to allow execution from network locations.

  11. #11

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,761
    Thank Post
    825
    Thanked 1,663 Times in 1,448 Posts
    Blog Entries
    11
    Rep Power
    442
    We don't tend to have this problem, we get alot of flash games in excel files.
    Last edited by Ric_; 13th March 2008 at 08:26 AM. Reason: snip!

  12. #12
    KarlGoddard's Avatar
    Join Date
    Jul 2005
    Location
    Bolton, Lancashire
    Posts
    271
    Thank Post
    37
    Thanked 18 Times in 18 Posts
    Rep Power
    25
    Quote Originally Posted by FN-Greatermanchester View Post
    We don't tend to have this problem, we get alot of flash games in excel files.
    use strings.exe from sysinternals to search within *.xls for '.swf'

    this finds any embedded swf's quite nicely!
    Last edited by KarlGoddard; 13th March 2008 at 08:46 AM. Reason: spelling

  13. Thanks to KarlGoddard from:

    Alis_Klar (10th May 2010)

  14. #13
    Zoom7000's Avatar
    Join Date
    Feb 2006
    Location
    London
    Posts
    924
    Thank Post
    303
    Thanked 79 Times in 52 Posts
    Rep Power
    32
    Quote Originally Posted by MarkB View Post
    We block everything by default and only allow programs to run from known locations (Program Files, windows folder, etc).
    Sorry to bring this thread back from the depths of thread doom, however, I was trying this method of blocking *.exe files with the default settings of Program Files, SystemDrive, SystemRoot etc being unrestricted. But, disabling *.exe seems to overide the unrestricted settings. So, is there any simple way of blocking .exe files from anywhere other than those locations?

  15. #14
    User3204's Avatar
    Join Date
    Aug 2006
    Location
    Wirral
    Posts
    769
    Thank Post
    55
    Thanked 66 Times in 62 Posts
    Rep Power
    34
    We have blocks for everything except, stuff like:
    c:\program files\*\*
    c:\windows\*
    \\server\netlogon\*
    \\server\applics\*\*
    g:\*\* [mapped to \\server\applics\]

    &c &c, I have done the c:\folder1\*\* as I understood this to mean I can allow to run from c:\folder1\folder2\file.exe, but not from c:\folder1\file.exe, but I'm not completely positive this works.

  16. #15
    Zoom7000's Avatar
    Join Date
    Feb 2006
    Location
    London
    Posts
    924
    Thank Post
    303
    Thanked 79 Times in 52 Posts
    Rep Power
    32
    Quote Originally Posted by User3204 View Post
    We have blocks for everything except, stuff like:
    c:\program files\*\*
    c:\windows\*
    \\server\netlogon\*
    \\server\applics\*\*
    g:\*\* [mapped to \\server\applics\]

    &c &c, I have done the c:\folder1\*\* as I understood this to mean I can allow to run from c:\folder1\folder2\file.exe, but not from c:\folder1\file.exe, but I'm not completely positive this works.
    I tried %ProgramFiles%\* however, when I log in and try to run programs (e.g. Word) it still says the program is restricted by software restriction policy.

    What method can I use to run ALL files from %ProgramFiles% not just ones specified in a folder structure.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. PORTABLE STORAGE WITHOUT PC
    By david12345 in forum Hardware
    Replies: 8
    Last Post: 12th November 2007, 10:18 PM
  2. Replies: 25
    Last Post: 22nd October 2007, 09:07 AM
  3. Portable Apps
    By Heebeejeebee in forum Downloads
    Replies: 1
    Last Post: 25th November 2006, 10:06 PM
  4. Portable Apps
    By pcprofessor in forum General Chat
    Replies: 5
    Last Post: 19th March 2006, 11:06 PM
  5. Portable wireless laptops and trolleys
    By alexknight in forum Hardware
    Replies: 14
    Last Post: 17th November 2005, 03:26 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •