+ Post New Thread
Page 4 of 12 FirstFirst 12345678 ... LastLast
Results 46 to 60 of 173
Windows Thread, Blocking Flash Games Software restriction Policies... Hash in Technical; I used a combination of blocking the ActiveX in Office documents and McAffee EpO/Virus Scan 8.5 and the user defined ...
  1. #46

    Join Date
    Nov 2007
    Location
    Rotherham
    Posts
    1,666
    Thank Post
    119
    Thanked 126 Times in 102 Posts
    Rep Power
    44
    I used a combination of blocking the ActiveX in Office documents and McAffee EpO/Virus Scan 8.5 and the user defined rules.

    The first stops them being imbeded in excel/word (obviously) the latter I have used to prevent them funning any SWF (and BAT/EXE/MSI/CMD/COM/MP3) files from flash memory, their desktops, home areas and any other area that they can write too.

    If I was in your situation I could also allow a small network location for pupils to save their course work and this could be agressively monitored. I also found that content checking the E-mail when this was going on here proved usefull for removing unwanted documents.

  2. #47

    Join Date
    Nov 2008
    Location
    uk
    Posts
    5
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    does gamekiller work with windows xp

    Quote Originally Posted by peterp View Post
    Ok, here are the files needed. They are zipped up, so if you unzip directly to your packages directory (q:\applications\) you will end up with a directory called gamekiller2

    In here are the files needed. Documentation and zips of the source for visual studio 2008.

    To use the program as is, update package list, allocated it to stations, and create folders for the logs/hashlist

    Need to create...
    w:\mcplist (hidden read only folder)
    w:\mcplist\logs (student writeable)
    w:\mcplist\logs\tocheck (student writeable)
    w:\mcplist\hashlist.txt (created with mcphasher)

    Ok, adding an attachment doesnt seem to work. (6meg .zip file, maybe too big?)
    does gamekiller2 work with xp

  3. #48

    Join Date
    Jan 2009
    Location
    Burton On Trent
    Posts
    112
    Thank Post
    17
    Thanked 23 Times in 18 Posts
    Rep Power
    14
    Yes. You may need to tailor the paths that it uses as these are designed for our RM CC3 network, but its just a VB.net program that runs under windows xp.

    All the paths that are used for config files are in the programs .ini file.

  4. #49

    Join Date
    Nov 2008
    Location
    uk
    Posts
    5
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    thankyou

    thanks for the solution will try that

  5. #50

    Join Date
    Mar 2009
    Location
    Walsall, UK
    Posts
    13
    Thank Post
    4
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Don't mean to be a pain, but does this work with a specific version of Internet Explorer? Can't remember what I did to get it working on Server 2003 but can't seem to get it to find a correct hash for a game in IE on one of our student workstations (Windows XP, IE 6 (A minor version number lower than that of Server 2003)). Almost every time it'll copy the game out even if it's in the hashlist if MAKECOPY is on. Registry file applied too, so it's not missing any of it's prerequisites as far as I'm aware. This said, it detects games properly if loaded in Flashplayer and closes flash player fine.

    Anything really obvious I'm missing because I think I've nailed everything.

  6. #51
    irishpirate2000's Avatar
    Join Date
    Mar 2008
    Location
    The Berkshires
    Posts
    6
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    This looks great, just need some help/directions on implementing it on and windows domain. Any assistance is appreciated.

    Thanks in advance,
    Dave

  7. #52

    Join Date
    Jan 2009
    Location
    Burton On Trent
    Posts
    112
    Thank Post
    17
    Thanked 23 Times in 18 Posts
    Rep Power
    14
    Quote Originally Posted by LWard View Post
    Don't mean to be a pain, but does this work with a specific version of Internet Explorer? Can't remember what I did to get it working on Server 2003 but can't seem to get it to find a correct hash for a game in IE on one of our student workstations (Windows XP, IE 6 (A minor version number lower than that of Server 2003)). Almost every time it'll copy the game out even if it's in the hashlist if MAKECOPY is on. Registry file applied too, so it's not missing any of it's prerequisites as far as I'm aware.
    It should work for any version of IE that I am aware of. It has only been tested under IE6 on CC3 (xp) workstations mind you as this is all we run.
    It will only copy the file if it doesnt find a matching hash in the hashlist.txt file.
    Are you sure you have correctly used the MCPHasher program to generate the hash of the game? (its a terrible peice of software currently, must get around to re-writing it)
    The procedure is to copy the games out of the toCheck folder into a games folder, preferably stored on the C drive. Run MCPHasher, and go file-open, navigate to the MCPList directory and open hashlist.txt
    Click ADD and navigate to the games folder on C. The new hashlist should be generated then, and any duplicate entries removed (based on hashvalue only. it will not remove duplicate names). Close the MCPHasher and it will prompt you to save the hashlist. Navigate to MCPList directory and double click hashlist.txt

    If the MCPlist directory is readable from a student account, they should pick up the new list within 5 mins (default) or based on the timer you set in mcp.ini



    This said, it detects games properly if loaded in Flashplayer and closes flash player fine.

    Anything really obvious I'm missing because I think I've nailed everything.
    For flashplayer it doesnt match any hashes, it just closes everything down, game or not.

  8. 2 Thanks to peterp:

    clareq (2nd April 2009), LWard (2nd April 2009)

  9. #53
    clareq's Avatar
    Join Date
    Dec 2005
    Location
    Doncaster
    Posts
    590
    Thank Post
    46
    Thanked 166 Times in 104 Posts
    Rep Power
    79
    Can I thank you peterp - I installed this little gem on our system on Monday, and the number of swf games stored in user areas has dropped to nil in only 3 days. Teaching and learning now has a chance!

  10. #54

    Join Date
    Mar 2009
    Location
    Walsall, UK
    Posts
    13
    Thank Post
    4
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by peterp View Post
    It should work for any version of IE that I am aware of. It has only been tested under IE6 on CC3 (xp) workstations mind you as this is all we run.
    It will only copy the file if it doesnt find a matching hash in the hashlist.txt file.
    Are you sure you have correctly used the MCPHasher program to generate the hash of the game? (its a terrible peice of software currently, must get around to re-writing it)
    The procedure is to copy the games out of the toCheck folder into a games folder, preferably stored on the C drive. Run MCPHasher, and go file-open, navigate to the MCPList directory and open hashlist.txt
    Click ADD and navigate to the games folder on C. The new hashlist should be generated then, and any duplicate entries removed (based on hashvalue only. it will not remove duplicate names). Close the MCPHasher and it will prompt you to save the hashlist. Navigate to MCPList directory and double click hashlist.txt

    If the MCPlist directory is readable from a student account, they should pick up the new list within 5 mins (default) or based on the timer you set in mcp.ini





    For flashplayer it doesnt match any hashes, it just closes everything down, game or not.

    Yeah, nailed it thanks. I didn't have any luck in getting MCPHasher to work initially so I used another tool to do it for me, which doesn't remove duplicates, and also capitalises all the letters in the strings, which might have been what was causing the unexpected behavior! MCPHasher is alright so long as, if you don't have a hashlist initially (You're trying it out for the first time) create an empty text file and get it to open it.

    This is a very snazzy piece of software I must say. I did VB6 at college and it's quite interesting to see it's almost the same 9 years on in VB 2008. The code is really clear to read too, nice job! I'm a considerable stats whore so will probably look at adapting it with a web-based frontend for configuring it and compiling output logs, but no idea when I plan to look at doing that. Kids are going to love it, might be tempted to try this at home to see what my brother thinks of it!

  11. #55

    Join Date
    Jan 2009
    Location
    Burton On Trent
    Posts
    112
    Thank Post
    17
    Thanked 23 Times in 18 Posts
    Rep Power
    14
    Well, I have been teaching myself VB.Net for a couple of months now, and now I have found the Filesystemwatcher object I will be doing a complete re-write using these rather than timers.

    The program will watch a list of specified drives for any file being opened, and then process them to see if they are games. This will also be able to detect SWF embeded in excel files (which our little dears use to get around IE, FLASHPLAYER and MEDIAPLAYERCLASSIC being filtered)

    So hopefully in a couple of months there will be a shiney new version to play with.

    On my wishlist is socket communications, so the client can be connected to from a server for instant updates, and logging, rather than the fileshare based system used at the moment.

  12. #56

    Join Date
    May 2007
    Location
    Bradford
    Posts
    71
    Thank Post
    1
    Thanked 3 Times in 3 Posts
    Rep Power
    15
    Quote Originally Posted by peterp View Post
    This will also be able to detect SWF embeded in excel files
    Will this have the fuctionality for exe embeded in word?

  13. #57

    Join Date
    Jan 2009
    Location
    Burton On Trent
    Posts
    112
    Thank Post
    17
    Thanked 23 Times in 18 Posts
    Rep Power
    14
    Do you mean Shockwave flash? or VBA?
    If i have a couple of samples of files I *MAY* be able to work out some sort of signature to check against.

    For instance, I have a test harness running that detects embedded shockwave in excel files by checking the file for the string \.f.l.a.s.h...o.c.x which occurs in every file I want to target (and I very much doubt this string would occur naturally in a worksheet :-)

    I may be able to do a similar thing to other files. (although my algorithm for checking for the existence of a string in a file that may be larger than available memory is VERY greedy and needs to be re-written)

  14. #58

    Join Date
    May 2007
    Location
    Bradford
    Posts
    71
    Thank Post
    1
    Thanked 3 Times in 3 Posts
    Rep Power
    15
    as we cant disable activex in office, the kids have now figured out that they can make word documents at home, drag in swf and exe files into word, or add them through the insert menu save the file as a word doc, then open it up here, double click the exe and it runs.

    a massive massive security hole, I just wish ms had a gpo that you could specify which filetypes can be embedded in word.

  15. #59

    Join Date
    Jan 2009
    Location
    Burton On Trent
    Posts
    112
    Thank Post
    17
    Thanked 23 Times in 18 Posts
    Rep Power
    14
    Quote Originally Posted by rasssp View Post
    as we cant disable activex in office, the kids have now figured out that they can make word documents at home, drag in swf and exe files into word, or add them through the insert menu save the file as a word doc, then open it up here, double click the exe and it runs.

    a massive massive security hole, I just wish ms had a gpo that you could specify which filetypes can be embedded in word.
    Do you use a CC3 network? I have just tried this here with an execuatable, it works as an admin, but when I try to open the same document as a student user and double click the executable embedded in the document, it gives an error stating 'Object was created in package. This application is not available to open this object ......'

  16. #60

    Join Date
    Nov 2007
    Posts
    44
    Thank Post
    1
    Thanked 3 Times in 2 Posts
    Rep Power
    14

    A couple of issues

    I've downloaded the gamekiller2 application and installed (as per your instructions) on our RM CC3 network. Leaving all the fields in the ini file as default it "kills" flashplayer whenever someone tries to run it. This information is also logged in the logs folder that I created in W:\mcplist\

    I have tried adding a few swf files to the hashlist.txt (which appears to work), but if I try running any "new" swf files, it doesn't appear to copy the swf file to the "tocheck" folder that I also created. I don't believe this is a permissions problem as I have set the folder (temporarily) to EVERYONE, FULL CONTROL for testing purposes. Also there are instances where I would like flashplayer to run (for legitimate purposes), so I tried removing "flashplayer" from the mcp.ini file and so now it shows:

    KILL=

    ....with no entries. In this state nothing gets blocked. It is essential to have a program entered in this field?

    Just one last question. Do you have any updated versions, or is the link to the one you posted on 9th March the most current?

    Cheers

SHARE:
+ Post New Thread
Page 4 of 12 FirstFirst 12345678 ... LastLast

Similar Threads

  1. Software Restriction Policies - Allow ONLY certain software
    By link470 in forum Wireless Networks
    Replies: 28
    Last Post: 9th July 2010, 04:29 PM
  2. Help write a guide for Software restriction policies for USB
    By ChrisH in forum How do you do....it?
    Replies: 7
    Last Post: 28th January 2010, 09:40 AM
  3. Replies: 11
    Last Post: 20th April 2007, 06:38 PM
  4. Software Restriction Policies
    By wesleyw in forum Windows
    Replies: 14
    Last Post: 12th December 2006, 11:35 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •