×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

desperate

desperate

desperate

(OP)
Hello,

we have a big problem at work. currently we are using NW 6.5 Zen 4 and XP with group policies. The students here are pretty smart and are constantly writing there own scripts to damage things.

The latest attack is this Mozilla software. it some-how bypasses Border manager and our ISP's filtering software so they can view xrated sites. I created a program in VB to prevent the mozilla process running but they have since renamed the program!

We have approx 400 pieces of software available using NAL. Is it possible to only allow software in NAL to run?
This way they could not run third party scripts and programs.

Any ideas would be very much appreciated.
Thanks

Mick

RE: desperate

There is something called "rogue Processes" that you can prevent. This makes it so only NAL applications can be run, or any apps that you specifically allow. Not sure if it's available with ZFD 4.  But I know it's a feature of ZFD 6.5 which is very similar to ZFD 4.

It's not too dificult to setup, you just push out some registry keys and I believe you turn on the policy.

Marvin Huffaker MCNE, CNE
Marvin Huffaker Consulting
http://www.redjuju.com

RE: desperate

(OP)
Hello thanks for your responce.

I am a little confused though. I was under the impression that ZFD 6.5 was suite of programs, which among other things contained ZFD 4?

I will look into this "rogue process" thingy.

Thanks again.

Mick


RE: desperate

Zen 6.5 is a suite, but the ZFD portion is also numbered at version 6.5, although it is very similar to 4.x

Marvin Huffaker MCNE, CNE
Marvin Huffaker Consulting
http://www.redjuju.com

RE: desperate

Pretty sure Rogue process is in ZFD 4.  ZFD 6.5 is zfd 4.0.1 with a couple of add-ons - the linux management piece, personality migration tool, etc. I thought that the rogue process control was via the Windows GPO and as such was still subject to file renaming? I'd like to be wrong about that!  

RE: desperate

I haven't done much with it except in a lab. Pretty much you just push out some reg keys. It's quite a bit different than the other Zen services. I mean, there's not really a policy or anything that you setup. You would just create an app with certain reg keys and push it out to everybody. They would get the reg keys and then their workstation manager will acknowledge them and not allow any processes to run that aren't originated from NAL.

Marvin Huffaker MCNE, CNE
Marvin Huffaker Consulting
http://www.redjuju.com

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close