[OPLINTECH] clever children...

Chad Morris morrisch at oplin.org
Thu Feb 23 13:02:26 EST 2012 

+1 to what Greg said. I use one limited Windows domain profile and have a gpo restricting ANY access to .exe, .vbs, etc. that isn’t recognized. If a patron manages to close the timer intentionally, we have a zero tolerance policy for shenanigans of this magnitude – an instant ban. Another option you could use is Anti-Executable from Faronics (http://www.faronics.com/enterprise/anti-executable). It allows only selected programs to run and nothing else. If I wasn’t using group policies, I would be using this.




 

Chad Morris

Technology Coordinator

Franklin-Springboro Public Library

44 E. Fourth Street

Franklin, OH 45005

Office:  937.746.2665
Cell:     937.301.2465

Fax:     937.746.2847

Email:   <https://mail.oplin.org/webmail/src/compose.php?send_to=morrisch%40oplin.org> morrisch at oplin.org
www.fspl.org



 

From: oplintech-bounces at lists.oplin.org [mailto:oplintech-bounces at lists.oplin.org] On Behalf Of Kozick, Gregory
Sent: Thursday, February 23, 2012 12:39 PM
To: Chad Neeper; oplintech at lists.oplin.org
Subject: Re: [OPLINTECH] clever children...

 

We use Software Restriction Policies through Microsoft Group Policy to limit the programs that can be run from our public machines. The public can still save and download files; they can even download programs, but they can’t run them. Only what Windows needs to function and the official list of supported applications can be run from a public user account.

 

 


Description: Description: Description: logo

Greg Kozick, MCSA
Network Services Coordinator

direct: 330-643-9144 • mobile: 330-351-9446 • email: gkozick at akronlibrary.org

  _____  

Visit  <http://www.itsitblog.com/> It's IT, Your Essential Technology Source; for Valuable PC Tips and Tricks• IT Twitter: @ItsitBlog <http://twitter.com/ItsitBlog> 

  _____  

 

 

 

From: Chad Neeper [mailto:cneeper at level9networks.com] 
Sent: Wednesday, February 22, 2012 5:33 PM
To: oplintech at lists.oplin.org
Subject: Re: [OPLINTECH] clever children...

 

Process Explorer is a very, very useful tool that has been around and in continual development for a long time. Microsoft acquired the company and the lead developer several years ago. It definitely worth keeping in your arsenal.

I'm not familiar with the workings of pcreservation, but if the program that the patrons are killing is a Windows Service, you might be able to find the service and, in the Recovery tab, set the service to auto-restart after failure. That may or may not restart the service in your particular case, where the user is terminating the service intentionally (not a failure, per se), but it would help if the service just spontaneously crashed on its own.

Also in the service's General tab, you may find the exact command used to launch the service. You might be able to schedule a task to restart the service upon event of it's termination. Windows 7 (if you're using it) has enhanced task scheduling capabilities. You'd need to explore the execute on event trigger to see if you could trigger the task upon termination of your particular program/service.

Those thoughts are what popped into my head first.

HTH,
Chad

______________________________
Chad Neeper
Senior Systems Engineer

Level 9 Networks
740-548-8070 (voice)
866-214-6607 (fax)

Full LAN/WAN consulting services -- Specialized in libraries and schools


On 2/22/2012 4:35 PM, R Young wrote: 

... have found a way to circumvent our pc reservation time limit system. 
they log on as usual, then launch a program called process explorer to kill 
the pcreservation program.  this allows them to stay on for an unlimited 
amount of time.
 
I just discovered this today, and the things I have tried have not been 
foolproof in preventing them from launching the program.  We allow people to 
save to flash drives, and I don't want to restrict that.  However, using 
Windows 2003 server, and setting restrictions on launching programs from 
removable media doesn't prevent a user from launching process explorer from 
a flash drive.
 
Does anyone have any suggestions?  Is there something I have overlooked. 
(Parenthetically, this program seems like it would be a handy tool for 
techies looking for a quick way to close programs; much more elegant than 
task manager--and free, to boot.)
 
thanks for any help 
 
_______________________________________________
OPLINTECH mailing list
OPLINTECH at lists.oplin.org
http://lists.oplin.org/mailman/listinfo/oplintech
Search: http://oplin.org/techsearch
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.oplin.org/pipermail/oplintech/attachments/20120223/e8363fd4/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 5521 bytes
Desc: not available
Url : http://lists.oplin.org/pipermail/oplintech/attachments/20120223/e8363fd4/attachment-0001.jpe

More information about the OPLINTECH mailing list