Students can deactivate PC monitoring software by booting Windows into Safe Mode with Networking.
This 'advisory' is for those of you who use PC monitoring/control software which relies on an agent on the student PC that is implemented as a Windows service.
Affected software: all Windows versions of ABControl, Impero, NetOP, Net Support, SynchronEyes, Securus etc.
When Windows boots into Safe Mode it does not start third-party services. As the client agents for most PC remote control/monitoring software are implemented as a Windows service, they will not run during a Safe Mode session.
By choosing Safe Mode with Networking a student can perform a domain log on and use Internet Explorer and other programs while outside the control of a teacher PC.
NT-based versions of Windows do not allow control of the F8 troubleshooting menu.
Mitigation: Safe Mode only has a VGA screen resolution (640x480 by 16 colours), which may be uncomfortable for, and hence deter, most student users. Students will only have the access rights they have during a normal Windows session. If they are members of the <Computer Name>\Users group they will not be able to modify any files or registry settings outside their own profile.
If you have web filtering via a separate proxy computer (ISA+Websense or Linux+Squid+Dansguardian) then students will not be able to load any web pages that they would not normally have access to.
Workarounds:
Create a login script which logs off the user if it detects the environment variable SafeBoot_Option=Network.
Windows 2000 does not have a built-in logoff command, so you may have to download LOGOFF.EXE from the Windows 2000 Resource Kit.
Rename or delete the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\
Renaming at least allows later reactivation by an administrator under one of the other Safe Mode options.
Use a hex editor to manually edit NTLDR to deactivate the detection of the F8 keypress.
Warning: Changing system files directly is very dangerous. Make sure you can recover your Windows Installation and user data from backup.
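A sketch of the login-script workaround above, added here as an example and not taken from any of the listed vendors. The exempt account name and the log share path are assumptions; replace them with your own.

```batch
@echo off
rem Added example: logon script that ends Safe Mode with Networking sessions.
rem Windows sets SAFEBOOT_OPTION only when booted in Safe Mode
rem (MINIMAL or NETWORK); on a normal boot the variable is undefined.
if not defined SAFEBOOT_OPTION goto :eof
if /i not "%SAFEBOOT_OPTION%"=="NETWORK" goto :eof

rem Assumption: this account name is exempt so staff can still troubleshoot.
set EXEMPT_USER=Administrator
if /i "%USERNAME%"=="%EXEMPT_USER%" goto :eof

rem Assumption: placeholder share that students can append to but not read.
rem If the share is unreachable the write fails quietly and the logoff still runs.
set LOGFILE=\\SERVER\safemode$\logons.txt
>>"%LOGFILE%" echo %DATE% %TIME% %COMPUTERNAME% %USERDOMAIN%\%USERNAME% SAFEBOOT_OPTION=%SAFEBOOT_OPTION% 2>nul

rem End the session. On Windows 2000 this needs LOGOFF.EXE from the
rem Resource Kit on the PATH; its switches may differ from the built-in command.
logoff
```

Set the "Run logon scripts synchronously" policy so the desktop is not shown before the script has finished. The log gives staff a record of which machine and account attempted a Safe Mode logon.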