HOW TO: Quick guide how to block students running EXE`s from Zipped files

[burgemaster]

1) Create a new Group policy in the computer group.
2) Edit the policy and goto: Computer Config/Secuirty Settings/Software Restriction Policies,
3) right click and select "create new policy"
4) Leave everything default and click "Additional Rules"
5) enter: C:\Documents and Settings\%username%\Local Settings as a new rule with "Disallowed" as the security level.

Gpupdate force and your done

make sure that you leave the "unrestricted" as default in "security levels" or you will be blocking a whole load of stuff !
If there is anything i have overlooked please let me know..

Just also found out that kids are hiding files in the "shadow copies" not sure if these files would show up when scanning for a file type.

[azrael78]

This works well, there are a few points you might want to be aware of - particularly if you use any kind of compiled scripts.

By default they extract to the users %TEMP% directory which resides inside the Local Settings folder.

Typically these include the interpreters (WKIX32.exe and KIX32.exe if you use KIX).

By disallowing the EXE files here, you then stop these scripts from running.

So it may be worth including an allow rule for KIX32.exe and WKIX32.exe or whichever interpreter for the scripting language you are using.

[scorcher89]

We too have had bother with Ultra-surf being run from Zip files.

Will give this a go. Thanks guys.

[Rafman]

Thanks a lot for this