Anyone know of how to do this?
to block via the router/firewall..
Any thoughts on this or via GPO?
Thanks
Anyone know of how to do this?
to block via the router/firewall..
Any thoughts on this or via GPO?
Thanks
Use Software Restriction Policies to prevent the software from being run in the first place.
cu
59cobalt
You don't need admin rights to install P2P software. In fact, even most commercial software only requires admin rights due to stupid installers, whereas porting the installed files and some registry to another computer without admin rights works fine as well.
What you talking about is true, but if markm75 deals with users capable to do that (this is high above Joe Avaerage), then he have a serious problem with no easy solution. I wouldn't even try any of "computer protection". I would employ some other type of protection: law, force, whatever.
Why exactly is unpacking emule0.47c.bin.zip into a directory and then launching it above a typical user? Why exactly is getting told by Jane Clever "hey, just unzip this archive and you can run LimeWire without installation" above understanding?
Nonsense. There is a very easy solution: globally remove execute rights and only explicitly grant it to required applications. On Windows this is called "Software Restriction Policies".
Lawful protection could never be anything but supplemental.
In a case of LimeWire it might be true. But generally, transfering some software package from one computer to another without installation is a task above Joe Average capacibilities.
User capable of analysing installation logs and who are familiar with computers enought to transfer MS Office from one computer to another will find a way how to crack admin password and reconfigure that policy.
As I wrote: Jane Clever can prepare this task. Joe Average will just have to run a script, and there you go.
MS Office doesn't run without administrative installation.
A strange assumption, especially since they can't run any of the exploits and have to resort to what the system offers.
Than you have to protect yourself from Jane Clever, Joe Average in this case is only a keyboard button Jane Clever is pressing. You dont have Joe Average in front of computer but Jane Clever. Joe Average alone is not capable to do that.
Not important, can be some other software package, that is irrelevant. Whatever package you take as example is above Joe Avarage capacibilities.
Live Linux.
Does anyone know what tool or how I could sniff our outgoing/incoming internet traffic to even determine if our bandwidth drops are due to p2p software?
I do have the network monitor tool installed on an SMS server which can search for any traffic on the whole network.
For now I may try the software restrictions in P2p.. so at least then I can control who can run it and who cant, though most of our users are admins on their local boxes here and this isn't likely to change for various reasons.
Once again: You have Joe Average sitting on the computer doing what Jane Clever told him, or wrote him up in a script. That's why your notion "Joe Average alone is not capable to do that" is absolutely worthless in practice.
Once again:
- Jane Clever can prepare the task. Joe Average has nothing to do but simply start a script.
- Many software packages install quite well without admin rights.
Oh, and how do you change the boot priority without the BIOS password?
Sebastian G. wrote: ...
Who put the password, I cannot find that in a thread, there were uPnP off, Limited account and software restriction policy.
You are adding new security meassuers, so now I will quote myself.
i.e. more security meassures have to be involved, you pointed one, that is enought to prove statement.
EOD
Eh... using a limited account obviously implies setting a password for the admin account.
easy solution.
Well, except that stuff like disabling uPnP becomes superfluos then (it's still a good idea). And, even further, doing such few things definitely accounts as an easy solution.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.