[gptalk] Re: vb scripts running from USB keys
- From: "Nelson, Jamie R Contr 72 CS/SCBAF" <Jamie.Nelson.ctr@xxxxxxxxxxxxx>
- To: <gptalk@xxxxxxxxxxxxx>
- Date: Fri, 8 Jun 2007 08:25:11 -0500
What about setting the proxy settings as per-machine rather than
per-user? That should prevent them from changing the keys under HKLM,
assuming of course that they don't have local admin rights on the
system. The only catch is that you can't configure the per-computer
proxy settings directly through Group Policy. You either have to write a
custom ADM for them or import a .reg file containing the settings at
computer startup. See this article for more details.
http://www.jsifaq.com/SF/Tips/Tip.aspx?id=10097
Blocking direct port 80 outbound connections is the way most people do
it, but this should work for you.
//signed//
Jamie R Nelson
Systems Engineer
Ingenium Corporation
________________________________
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Darren Mar-Elia
Sent: Thursday, June 07, 2007 10:04 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: vb scripts running from USB keys
You might be able to restrict this using Software Restriction Policy
(assuming your clients are XP and above). I'm not sure if you use other
"legitimate" .vbs scripts in your environment, but you could use SRP to
block execution of cscript.exe and wscript.exe and that would prevent
all WSH scripts from running.
Darren
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Christine Whitewood
Sent: Thursday, June 07, 2007 5:09 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: vb scripts running from USB keys
Yes you are correct, I was hoping there would be a way with GPO
Chris Whitewood
Network Administrator
St Francis Xavier College
Beaconsfield/Berwick
________________________________
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Nelson, Jamie R Contr 72 CS/SCBAF
Sent: Friday, 8 June 2007 10:02 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: vb scripts running from USB keys
I assume you mean that they are getting to websites they are not
supposed to by turning off the proxy settings in their browsers?
If that is the case then you should block port 80 traffic outbound (only
allowing your proxy server out) on your external router so that users
can't get to the internet unless it is through your web proxy. That or
run a transparent proxy service.
If I am incorrect, please explain in more detail.
//signed//
Jamie R Nelson
Systems Engineer
Ingenium Corporation
________________________________
From: Christine Whitewood
Sent: Thu 6/7/2007 5:37 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] vb scripts running from USB keys
Can anyone tell me how to stop this happening? Our students are running
scripts that get them round our proxy.
Regards
Chris Whitewood
Network Administrator
St Francis Xavier College
Beaconsfield/Berwick
Other related posts:
