We block hash keys with a piece of software called Securus
We block hash keys with a piece of software called Securus
I notice someone put a post up about getting it to work on a windows domain/vanilla network did you provide some instruction or confirmation as to whether it works on there also?
If not could you provide some detail please, very interested in this.
It does indeed work. The GameKillerApp.exe file (along with the other library files) goes on to a share (or C drive) which is completely hidden and inaccessible to the end user but can be reached by the local machine itself (Probably a share mapped during login, but made inaccessible via GPO or RfN). It relies on mcp.ini (local machine, but if you've got VB 2008 Express you can change this to get it's config directly from another drive), a directory to dump logs in, a directory in there called "tocheck", and of course the hashlist.txt file which is made courtesy of mcphasher.exe. We're still yet to deploy (Testing in Library at present) as I'm looking at how network communication is handled in VB2008 and hopefully look at a server-side portion or something to get it's configuration and hashlists from rather than a set of files, which works, but a console server would be great for debugging during pilot, and further additions as I wouldn't mind seeing if it's possible to drill down further in to the workstations and look at what file handles specific applications have open, like the standalone flash player.
We're not killing the flash player at the moment as the kids use flash buttons (DiDA) rather than making their own. The ICT teachers are wonderful but I do wish that they'd look at preventing the kids from using flash buttons after they've completed their current project and give them a selection of Photoshop PSDs and have them make up their own buttons (Infuriating as if we ever do a global search on our filestore for .swf files, there's millions of flash buttons between all the games, and nor can we just globally ban .swf files on the filestore otherwise my phone would light up brighter than Blackpool illuminations). I don't think Edexcel require they use Flash buttons in their DiDA projects so I don't see it being an issue.
We bought Impero at the beginning of the year and it's perfect for this problem.
Ok, we can't block flash from running as it is used legitiametly (Cida Dida etc), but as most users are embedding flash rather than launching directly, we can get Impero to listen for saflashplayer.exe and alert us when it's being used.
We periodically look at the alerts and if that exe is flagged up, we nip into the students area and delete the lot.
Frustrates the hell out of them.
We have been using the gamekiller app on our vanilla network since it was released and I would just like to say what a wonderful piece of programming, I just wish I could even work out where to start when it comes to creating an app like yours. Anyway, I have moved off topic. It worked brilliantly for about a week. Really annoyed our year 11's to the point that they threatened the other technician here which was funny. Then, they found a way round the program.
If they open up flash, load there swf into it, publish a new swf and web page and then run the created html, they can not only play the game, but it doesn't appear in the copied games folder.
I am not sure if there is anything you can do about this one but I really do hope you can. The year 11's are leaving soon, but the rest of the school will no doubt know how to get the games to run.
Good greif, they're getting clever now. They are pretty much embedding the game inside another flash file, thus, creating a different hash (There's an additional wrapper around the game itself so the hash changes. The only way to get round this would be to look for a specific chunk of ASCII in the file(easiest, unless compression mangles it), or somehow conjure up heuristic scanning that nails it whatever they do, but I hardly think thats easy in VB.NET. Good learning experience this is I must admit, I'm learning things that I never went in to in college (in ye olde VB 6 days).
You can take the KILL= out completely. and currently this is the latest version. I am working (slowly) on a complete re-write between work at school. However we have been rather busy lately and progress is slow.
having some problems communicating between threads in a multitheaded server app.
If anyone knows how to go about this problem is a little like this.....
Serverapp runs a thread that listens on a port for a connection.
When a client connects another thread is started to handle this connection.
The serverapp continues to listen for another connection etc.
The handler works and multiple clients can connect, however I cant then have the server enumerate through the clients sending data to each one.
The handler can recieve information, and respond, but another thread cant pick a client to talk to.
Back when I was a C and Unix programmer, I'd have a shared memory segment that all the clients would write to and read from, and from Java I'd be able to call methods in an array of threads eg.
threadList[n].sendText("Greetings client " + n)
in VB.net as the thread is a subroutine I cant make calls to the object.
However the next version will not rely on open IE windows, but rather will watch any file system activity (so it can prevent the opening of hashed files in ANY application)
I must admit to this, most of my 'early learning' was through the principles of security flaws and vice versa.whenever you block one way, they find another and in fact the brighter ones see it as a challenge.....
Change of management was always fun, different methods of thinking. The classroom management systems made it the hardest.
Here, things have got so bad that we've had to setup ISA too block all SWF files from being downloaded. This does the job nicely and at least enables a whitelist for legit sites.
However, the real problem we face at the moment is kids bringing in their SWF games on USB sticks and what not.
As fellow IT techs are aware of too, classroom discipline is rarely upheld and the kids believe they can get away with it.
With Flash also being on the syllabus, we can't prevent SAFlashPlayer from running. So right now we have a nightmare trying to stop the wave of gameplaying.
Windows Server 2008 might have a solution for us for the future, but what with the state of the country and budgets we're now getting, we're stuck on Server 2003, with no proper filtering (and in some cases working)!
But to think, if FileSystemWatcher had an OnAccess event, we'd all be laughing. Is anybody aware of an open source on-access scanner? My searching has come up trumps.
FileSystemWatcher does indeed have an onaccess event.
The new gamekiller is going to be using it.
So far I can get it to see that a file has been opened, I can then read the file and hash it to check against the list of files to be killed.
However I have hit a major stumbleing block. The file is open, and I cant delete it (cus the kid has it opened in an application). I need to find out which application has the file locked, so I can kill the process.
I've been trawling around and discovered it can be done, using calls to ntdll.dll but there are no .net code bits for it, the calls are all undocumented by Microsoft and all the example code I can find is written in C++ or C#, and being a newbie to VB, and previously a Java programmer, I am having trouble converting it.
Sysinternals Forums - vb.net locked file information
Dirty, but you could shell out to pskill?
I just use the open source monitoring software Italc, load it up every so often and mess around with boys screens who are playing flash games. Its hilarious to see them constantly trying to open a game when im closing it on their screen
Persistent offenders just get their accounts banned.
This works and we dont have a problem with people abusing flash any more.
There are currently 1 users browsing this thread. (0 members and 1 guests)