Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

desperate

Status
Not open for further replies.
micky500970

micky500970

Programmer
Jul 9, 2004
81
GB
Hello,

we have a big problem at work. currently we are using NW 6.5 Zen 4 and XP with group policies. The students here are pretty smart and are constantly writing there own scripts to damage things.

The latest attack is this Mozilla software. it some-how bypasses Border manager and our ISP's filtering software so they can view xrated sites. I created a program in VB to prevent the mozilla process running but they have since renamed the program!

We have approx 400 pieces of software available using NAL. Is it possible to only allow software in NAL to run?
This way they could not run third party scripts and programs.

Any ideas would be very much appreciated.
Thanks

Mick
 
Sort by date Sort by votes
There is something called "rogue Processes" that you can prevent. This makes it so only NAL applications can be run, or any apps that you specifically allow. Not sure if it's available with ZFD 4. But I know it's a feature of ZFD 6.5 which is very similar to ZFD 4.

It's not too dificult to setup, you just push out some registry keys and I believe you turn on the policy.



Marvin Huffaker MCNE, CNE
Marvin Huffaker Consulting
 
Upvote 0 Downvote
Hello thanks for your responce.

I am a little confused though. I was under the impression that ZFD 6.5 was suite of programs, which among other things contained ZFD 4?

I will look into this "rogue process" thingy.

Thanks again.

Mick


 
Upvote 0 Downvote
Pretty sure Rogue process is in ZFD 4. ZFD 6.5 is zfd 4.0.1 with a couple of add-ons - the linux management piece, personality migration tool, etc. I thought that the rogue process control was via the Windows GPO and as such was still subject to file renaming? I'd like to be wrong about that!
 
Upvote 0 Downvote
I haven't done much with it except in a lab. Pretty much you just push out some reg keys. It's quite a bit different than the other Zen services. I mean, there's not really a policy or anything that you setup. You would just create an app with certain reg keys and push it out to everybody. They would get the reg keys and then their workstation manager will acknowledge them and not allow any processes to run that aren't originated from NAL.

Marvin Huffaker MCNE, CNE
Marvin Huffaker Consulting
 
Upvote 0 Downvote
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top