Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Users installs web software

Status
Not open for further replies.

128meg

IS-IT--Management
Sep 25, 2003
23
SE
Is there any way to stop users from installing "Dialers" and "sceanmates" from internet,
We have about 2500 users in a school env. and it's geting quit messy...
 
Do you know the names of these programs before they get installed or are they unknown?
 
They are changing names but most of them have a "XXX" or "Dialer" in the name.
Then there students that try to install Mirc, morpheus, ICQ, Kaza and other chat or ptp software.
 
Okay --- that makes it a little tougher; but not impossible. There is a product that I'm sure you have heard of on this site called SysTrack (now v3.13) that could be useful in helping you accomplish this. Knowing the name of the app allows SysTrack to recognize the app when it is running and kill it (on a server or a workstation)! If you don't know the name before hand so that SysTrack can watch for it, the next best thing would be to instruct SysTrack to watch for ALL software changes on the machines you specifiy. This could include any installs, deletes, upgrades, etc.; in this case an install. When SysTrack detects one of these software changes it can be instructed to alert one or more people of that change (e-mail, page, SNMP or pop-up msg.). You can then find-out what the software change was and if it were a new program you did not want to allow - you could then add it to the list of programs you want SysTrack to kill when it sees them running. A little more work than you were probably looking for but in time you'll probably have collected most of them. This is one suggestion, someone else may have another.

If you are interested in this, please let me know and I will send you the information on where to download the code for testing. I don't think it is appropriate that I post it here.

Regards,
Mike (kapski@yahoo.com)
 
You could use AppSense that will lock down the server only allowing users to run those applications that you allow them to, then all others will not run!

Cheers,
Carl.
 
You can also use ACLs and policies to lock down servers - free to use, but you need to know what you're doing.... using a firewall that blocks *.exe, *.com, *.bat, *.cmd etc is probably worthwhile as well.... finally, given that it's Citrix what I'd do is use something like Ghost to image the server(s) so that you can regularly wipe them and restore to a known good state (just be careful with the server running the data store, if it's not on a separate SQL server).

Cheers
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top