+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 16
Windows Thread, IE7 wishful thinking in Technical; I have set up a fairly simple script for one of my schools whereby the teacher can control various computer's ...
  1. #1

    Join Date
    Apr 2007
    Location
    Bournemouth
    Posts
    72
    Thank Post
    13
    Thanked 4 Times in 2 Posts
    Rep Power
    16

    IE7 wishful thinking

    I have set up a fairly simple script for one of my schools whereby the teacher can control various computer's internet access. I'm sure there is freeware out there for it and/or a better script, but, the only flaw in my script is kids can still access new IE7 through using the address bar in windows explorer which opens IE7.

    So there are three questions I wish to ask:

    1) Is there any way to disable IE7 opening through windows explorer?
    2) Is there a group policy setting to completely disable the address bar in windows explorer.
    and finally 3) Has anyone else a good script that works with regards to disabling other's internet access at a different computer?

    I tried various methods of doing this and I found an effective way of doing this without too much hassle is remotely pskill the IE process, then remotely change the permissions on the IE folder in program files thus disabling any icon or shortcut, the downside is it doesnt stop it though URLs in Windows Explorer.

    I feel I am going an arse about tit way of doing this, but I tried writing various scripts and batches and this seemed the most reliable and quick to do.

    Thanks guys, sorry for the ramblings.

  2. #2

    Join Date
    Apr 2007
    Location
    Bournemouth
    Posts
    72
    Thank Post
    13
    Thanked 4 Times in 2 Posts
    Rep Power
    16

    Re: IE7 wishful thinking

    No ideas anyone? Or does everyone use 3rd party software to disable internet?

  3. #3

    Join Date
    Oct 2006
    Location
    Robert Mays School, Hampshire
    Posts
    100
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: IE7 wishful thinking

    Net Support can do this on a class to class or computer to computer basis....

    Removing the Address Bar would be the solution otherwise, I think... my GPO books don't mention address bar in Explorer

  4. #4
    mortstar's Avatar
    Join Date
    Jan 2007
    Location
    Oxford
    Posts
    341
    Thank Post
    13
    Thanked 29 Times in 18 Posts
    Rep Power
    21

    Re: IE7 wishful thinking

    LanView by MST Software does this perfectly. It's donate-ware.

    It also puts a little Traffic Lights Applet on the teacher's machine to turn internet on and off.

  5. #5
    Scotmk's Avatar
    Join Date
    May 2007
    Location
    Milton Keynes
    Posts
    277
    Thank Post
    1
    Thanked 4 Times in 3 Posts
    Rep Power
    17

    Re: IE7 wishful thinking

    Netsupport or if CC3 RM Tutor (netsupport rebranded) will do the trick

  6. #6
    mark's Avatar
    Join Date
    Jun 2005
    Posts
    3,966
    Thank Post
    248
    Thanked 49 Times in 45 Posts
    Blog Entries
    2
    Rep Power
    46

    Re: IE7 wishful thinking

    In AD you can put in a duff proxy port and close off IE that way.

    Using another method, we find blocking port 80 is pretty effective - against those pesky kids making browsers from word documents and using other browsers

  7. #7
    StewartKnight's Avatar
    Join Date
    Jun 2005
    Posts
    1,587
    Thank Post
    2
    Thanked 27 Times in 21 Posts
    Rep Power
    30

    Re: IE7 wishful thinking

    I do all of the above. For immediate stopping of internet (say for 1 lesson) lanviewer or RPKiller and to ban kids I have a move them to an OU with a null proxy

  8. #8

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,804
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: IE7 wishful thinking

    Snort IDS signature to pick up the IE6/7 Useragent in HTTP requests. Stick it in the Packetfence NAC as a violation and hey presto. The machine gets ARP Poisoned off the LAN.

  9. #9

    Join Date
    Feb 2006
    Posts
    1,187
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Re: IE7 wishful thinking

    Quote Originally Posted by Geoff
    Snort IDS signature to pick up the IE6/7 Useragent in HTTP requests. Stick it in the Packetfence NAC as a violation and hey presto. The machine gets ARP Poisoned off the LAN.
    That's a bit BOFH Geoff. The computer in this case is meant to be on the school network. The problem was that a approved application was being used.

    Wouldn't this be more job for a proxy/content filter?

  10. #10
    Heebeejeebee's Avatar
    Join Date
    Nov 2006
    Location
    Intergalactic Cruise
    Posts
    1,056
    Thank Post
    69
    Thanked 77 Times in 61 Posts
    Rep Power
    35

    Re: IE7 wishful thinking

    Quote Originally Posted by NetworkGeezer
    Quote Originally Posted by Geoff
    Snort IDS signature to pick up the IE6/7 Useragent in HTTP requests. Stick it in the Packetfence NAC as a violation and hey presto. The machine gets ARP Poisoned off the LAN.
    That's a bit BOFH Geoff. The computer in this case is meant to be on the school network. The problem was that a approved application was being used.

    Wouldn't this be more job for a proxy/content filter?
    LOL

    BOFH rocks!!

    HBJB

  11. #11

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,804
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: IE7 wishful thinking

    Wouldn't this be more job for a proxy/content filter?
    Why choose? When you can have both? Defence in depth is your friend.

  12. #12


    Join Date
    Oct 2006
    Posts
    3,413
    Thank Post
    184
    Thanked 356 Times in 285 Posts
    Rep Power
    149

    Re: IE7 wishful thinking

    I thought IE7 opened a sperate process in taskman, this made Lanview a viable solution once again (after IE6 which didnt oopen a sperate process)

  13. #13

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,157
    Thank Post
    116
    Thanked 529 Times in 452 Posts
    Blog Entries
    2
    Rep Power
    124

    Re: IE7 wishful thinking

    IE7 opens in a separate process here.

    To go back to the original point, trying to block IE7 opening is going to be hard work; as others have said, just typing a URL in word and clicking it will open a browser.

    I don't think you can reset the proxy on a machine which is already running IE (so if a user has IE open and the teacher wants all users to stop using the internet then you can't just make a remote registry change on that machine) I could imagine a script which remotely kills the iexplore process and pokes in fake proxy values.

    The way I started working (but never quite finished ...) was to have a rule in ISA which blocked access from a group of computers. Staff would have access to a web page which allowed them to add computers to the blocked group. One day I'll finish this :-)

  14. #14

    Join Date
    Apr 2007
    Location
    Bournemouth
    Posts
    72
    Thank Post
    13
    Thanked 4 Times in 2 Posts
    Rep Power
    16

    Re: IE7 wishful thinking

    Hmm lots of info there, cheers guys. It cannot be AD based or anything of the sort, what they want is simply a button on the teachers desktop that turns off internet at client Pcs, they also don't want any proper GUI, they just want a batch file or something similar.

    Well I can kill the process using Pskill but is there a way that you can block port 80 from another machine? The teachers are local admins and the kids aren't, can you do registry merges across networks easy?

  15. #15

    Join Date
    Jul 2007
    Posts
    2
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: IE7 wishful thinking

    Hi Bobo,

    I really wouldn't do all that circus to simply control the Internet Access of the kids.

    IMHO, you want to simply ensure that the kids go to only specific kinds of web-sites & do not go to porn etc. Maybe you also want some virus-scanning thrown in, along with checking user-agent signatures. And maybe you want to define the time-slots when the little guys can access the web. And maybe you want to be a complete "big-brother" who reports to the kid's parents with some impressive graphic reports about their kids, web-habits. This is pretty standard content filtering requirement.

    I suggest you to check-up SafeSquid. It's a content filtering proxy.
    The only down-side's you have to set-up a linux box. I know that this looks like a completely Microsoft Alley, but then the Windows Edition of SafeSquid's really pathetic. But the linux version, well ... you gotta use it to know it.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Replies: 15
    Last Post: 18th January 2008, 10:45 AM
  2. Thinking seriously about MCSE - but who/how to train
    By contink in forum Courses and Training
    Replies: 19
    Last Post: 19th December 2007, 02:28 PM
  3. Thinking of setting up a Thin Client in on room.
    By tosca925 in forum Thin Client and Virtual Machines
    Replies: 5
    Last Post: 29th June 2006, 07:53 AM
  4. Replies: 61
    Last Post: 29th November 2005, 08:00 PM
  5. Thinking About Getting Sky+?
    By in forum General Chat
    Replies: 6
    Last Post: 27th November 2005, 11:48 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •