+ Post New Thread
Results 1 to 15 of 15
Windows Thread, Sheep dip machine? in Technical; I'm thinking of putting in a sheepdip machine for staff/students to virus check USBs or CDs etc BEFORE they put ...
  1. #1

    Join Date
    Mar 2008
    Location
    Gloucestershire
    Posts
    35
    Thank Post
    2
    Thanked 2 Times in 2 Posts
    Rep Power
    14

    Sheep dip machine?

    I'm thinking of putting in a sheepdip machine for staff/students to virus check USBs or CDs etc BEFORE they put them into network PCs.

    So I have a basic PC which will have 'Steady State' on but am wondering how to do the virus scan bit. I'm thinking of having a simple little app with a few buttons on to do, say Scan USB, Scan CD etc.

    So shall I use command line scanners? Maybe use 2 different ones? Them how do I make my app from this.

    I'm guessing people have already done something like this.

    Your valuable advice again please!

  2. #2

    Steve21's Avatar
    Join Date
    Feb 2011
    Location
    Swindon
    Posts
    2,823
    Thank Post
    369
    Thanked 543 Times in 506 Posts
    Rep Power
    184
    Is there any reason to have this instead of realtime scanning? Most AVs will scan as soon as the files are found/opened anyway, and I'm assuming most people wouldn't check on a standalone computer as they "have no time!!!"

    In terms of what you want, just setting up some autorun scripts would be best, when it's detected USB/CD it runs virus scan.

    Steve

  3. #3

    SimpleSi's Avatar
    Join Date
    Jun 2005
    Location
    Lancashire
    Posts
    5,829
    Thank Post
    1,476
    Thanked 595 Times in 446 Posts
    Rep Power
    170
    One of my schools got badly infected and I just simply set up an old machine and a shortcut on the screen to scan a pendrive when its plugged in.
    I plug the net cable in once a week and run Sophos Update and then unplug it again. Not theoretically foolproof but has worked fine in practice

    Simon

  4. #4

    synaesthesia's Avatar
    Join Date
    Jan 2009
    Location
    Northamptonshire
    Posts
    6,508
    Thank Post
    626
    Thanked 1,170 Times in 898 Posts
    Blog Entries
    15
    Rep Power
    523
    Really can't see the point in a sheepdip machine any more - takes space and is highly inconvenient for everyone involved. With autorun disabled, inability to run executables from USB drives and CD - well, you still use those?

  5. #5


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    9,775
    Thank Post
    262
    Thanked 2,963 Times in 2,178 Posts
    Rep Power
    838
    Quote Originally Posted by SimpleSi View Post
    Not theoretically foolproof
    Exactly! When the next exploit comes along which uses USB flash drives and external HDDs to propagate (see Stuxnet, Chymin, Dulkis, Zbot, Sality), the sheep dip machine will be the computer infecting the rest of your network. Even with AutoRun disabled, you are not safe.

    It starts with a yet unexplained flaw in Windows that allows a Windows shortcut file (.lnk) placed on a USB device to run a DLL simply by being viewed. This means that, even with AutoRun and AutoPlay disabled, you can open a removable media device (USB) and execute malicious code without user interaction. The danger associated with this attack is large considering how many computers were infected through USB devices by Conficker using the AutoPlay functionality. If you can execute malware even when AutoPlay is disabled, the risk is very high. (Source)

  6. #6

    john's Avatar
    Join Date
    Sep 2005
    Location
    London
    Posts
    10,447
    Thank Post
    1,537
    Thanked 1,069 Times in 934 Posts
    Rep Power
    305
    Was I the only EG member thinking you were on about a PC to help dip sheep? I've NEVER heard people call a machine to AV stuff before using on the LAN a sheep dip machine!

  7. #7


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    9,775
    Thank Post
    262
    Thanked 2,963 Times in 2,178 Posts
    Rep Power
    838
    Quote Originally Posted by john View Post
    I've NEVER heard people call a machine to AV stuff before using on the LAN a sheep dip machine!
    Sheep-dipping used to be popular in the Novell Netware/Windows 3.11 days. Back when Dr Solomon's Anti-Virus was still around.

  8. #8
    ricki's Avatar
    Join Date
    Jul 2005
    Location
    uk
    Posts
    1,477
    Thank Post
    20
    Thanked 164 Times in 157 Posts
    Rep Power
    53
    Hi

    Have a look at http://www.edugeek.net/forums/securi...nserted-2.html

    This is how I helped solve the problem.

    Richard

  9. #9

    Join Date
    Mar 2008
    Location
    Gloucestershire
    Posts
    35
    Thank Post
    2
    Thanked 2 Times in 2 Posts
    Rep Power
    14
    Thanks for the replies.

    A couple of things really.

    The PCs do have on demand scanning but I want to put an extra level of checking in after some nasty virus problems last year.

    It's only a very small school so not to concerned if they have to spend 5-10ins scanning their USBs. It'll teach them a lesson ... ;-)

    Thanks for the link, will look at it.

    Just want them to put their USBs in and then click a button to say scan now.

    Just thought someone would have done this previously.

    Also want to use something similar in a community centre. Think it would be really handy there for anyone to use.

    Thanks ... more advice please?

  10. #10

    Steve21's Avatar
    Join Date
    Feb 2011
    Location
    Swindon
    Posts
    2,823
    Thank Post
    369
    Thanked 543 Times in 506 Posts
    Rep Power
    184
    Quote Originally Posted by e-class View Post
    The PCs do have on demand scanning but I want to put an extra level of checking in after some nasty virus problems last year.

    It's only a very small school so not to concerned if they have to spend 5-10ins scanning their USBs. It'll teach them a lesson ... ;-)
    Thing is if the on scan, and normal scan is the same software it should either both pick it up or both miss it

    and you say 5-10mins, but if you're doing it properly wouldn't it be whole class scanning every lesson? End of day viruses come from home, only scanning once a month etc, is kind of a waste.

    Steve

  11. #11

    SimpleSi's Avatar
    Join Date
    Jun 2005
    Location
    Lancashire
    Posts
    5,829
    Thank Post
    1,476
    Thanked 595 Times in 446 Posts
    Rep Power
    170
    Just thought someone would have done this previously.
    I just simply stuck a note on the side of the monitor to say do right-click and then select Scan drive

    If you want to automate further then, prob AutoIt would do the job but I never bothered

    Simon

  12. #12


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    9,775
    Thank Post
    262
    Thanked 2,963 Times in 2,178 Posts
    Rep Power
    838
    Quote Originally Posted by e-class View Post
    Just want them to put their USBs in and then click a button to say scan now.
    What anti-virus software do you currently use? Some (like NOD32 v5.0 from ESET) can be setup to automatically start a scan as soon as the flash drive is inserted and block drives which haven't been scanned.

    Last edited by Arthur; 21st August 2011 at 08:37 PM.

  13. #13

    john's Avatar
    Join Date
    Sep 2005
    Location
    London
    Posts
    10,447
    Thank Post
    1,537
    Thanked 1,069 Times in 934 Posts
    Rep Power
    305
    Quote Originally Posted by Arthur View Post
    Sheep-dipping used to be popular in the Novell Netware/Windows 3.11 days. Back when Dr Solomon's Anti-Virus was still around.
    Hehe I remember Dr Solomons we had it on the PCs when I was at school and Windows 3.11 scary

  14. #14
    AyatollahPies's Avatar
    Join Date
    Jan 2008
    Location
    Earth
    Posts
    900
    Thank Post
    48
    Thanked 105 Times in 95 Posts
    Rep Power
    43
    Quote Originally Posted by Arthur View Post
    Exactly! When the next exploit comes along which uses USB flash drives and external HDDs to propagate (see Stuxnet, Chymin, Dulkis, Zbot, Sality), the sheep dip machine will be the computer infecting the rest of your network. Even with AutoRun disabled, you are not safe.
    Not if your sheepdip machine is Linux based.

  15. #15

    Join Date
    Aug 2011
    Posts
    8
    Thank Post
    0
    Thanked 3 Times in 2 Posts
    Rep Power
    0
    If you are going to have a sheep-dip machine in reception, there are a few good things you can do to make it really worth while.

    1. Use a different anti virus application than you do on the rest of your computers, this will increase your chances of detecting something nasty.
    2. Where you will switch off some options as a trade off to speed on your desktop PCs, enable every single option you can on your sheep dip PC. If that's all the PC is being used for people won't mind it being a bit slower.
    3. Update as often as you can, weekly is absolutely too infrequent to be safe. Most modern anti-virus applications check for updates every 4 hours so daily updates should be a minimum.
    4. Consider running a dedicated malware scanner also, there are some decent free ones around such as superantispyware, unlike running two anti-virus applications, this should not cause a conflict.
    5. Consider running something like DeepFreeze to completely lock the state of the sheep dip PC as even with all of the precautions that can be taken, in time (in some cases a very long time), your odds of infection are 100% and the ability to instantly revert to a known clean state is invaluable.



SHARE:
+ Post New Thread

Similar Threads

  1. How to find out which machine a student logged onto, & when
    By indiegirl in forum How do you do....it?
    Replies: 32
    Last Post: 16th March 2012, 02:17 PM
  2. Strange HD Problem on Debian machine
    By crc-ict in forum *nix
    Replies: 5
    Last Post: 27th January 2006, 09:43 PM
  3. Only allow certain users to log on to a machine?
    By wesleyw in forum How do you do....it?
    Replies: 7
    Last Post: 17th January 2006, 12:38 AM
  4. Web Archive - Time Machine
    By kevinmcaleer in forum Jokes/Interweb Things
    Replies: 2
    Last Post: 29th November 2005, 05:42 PM
  5. Yodeling Sheep link
    By kevinmcaleer in forum Jokes/Interweb Things
    Replies: 2
    Last Post: 29th November 2005, 04:53 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •