Re: blocking Kazaa and other P2P

From: Charles Newman (charlesnewman1@attbi.com)
Date: 01/26/03 

From: "Charles Newman" <charlesnewman1@attbi.com>
Date: Sun, 26 Jan 2003 08:17:10 GMT

"Stupified" <neosadist@hotmail.com> wrote in message
news:v283a7sab2okfe@corp.supernews.com...
>
> "optifrik" <optifrik@poczta.onet.pl> wrote in message
> news:b00gio$2uq$1@news.tpi.pl...
> > >
> > > Dude, I wrote to you that you CAN implement these things on win9x. Go
> to
> > > www.regedit.com for more info.
> > >
> > I know the ways of restricting the registry, but you should know that
> users
> > have still physical access the computer.
> > They can reboot machine, insert floppy, load old registry etc...
>
> Yes, they can, but you can make that almost impossible by putting a bios
> password (setup only -- and have hard drive as first boot device so they
> can't change that) and doing other things. I'd personally remove the
floppy
> drives in the first place...

    Where I went to college, they tried that, but someone
was able to break the bios password by finding a piece
of software to do it. You can set up a BIOS password,
but somone could get a piece of software to break it.

>
> > So the best way for me is to block it on firewall, I do not have time to
> > make once a day audit on users computer and check what are they doing
...
>
> Auditing is important, as all network admin white papers will tell you.
If
> you don't track at least simple things on the computer, your users (being
> almost smarter than you in computers) will pull the wool over your eyes.
> Who do you want to win this little contest? You or them?
> Besides that, talk to the boss, and have him put out an email / letter /
> whatever to the point that they are not to be using kazaa and/or all peer
to
> peer programs (things that can be used to share files). To the point that
> those caught WILL be fired and/or fined. Have them also sign a letter of
> consent to monitoring their computer activities, and a notice of liability
> (assuming that they all have their own personal work computer).
> Man, y'all know NOTHING of the way the military does it! First off, all
> computers are win2k pro. Second, net admins can monitor anything at will.
> Thirdly, they physically have someone on the firewall monitoring it at all
> times. Fourthly, at every log in there is a legal notice of consent to
> monitoring. I've seen people lose LOTS of pay, AND get kicked out over
> simply surfing porn (though it was intentional on their part, mind you...)
>
> > Its very good idea as you said to keep kids (and user which have limited
> > computer knowledge).
> > In IT enviroment where all are IT specialist everybody know how to make
> > tricks with registry.
>
> Then tell them that if they do, they "die".
>
> > I know the W9X is not a enviroment for company (its good for home use),
> but
> > I must use what I have. Its easiest to block any services on firewall.
>
> Then talk to the boss and try to get him to switch over to win2k pro, and

    They dont need to do that. Just get bProtected and
SOS Kidproof and lock the system down so that nobody
can install everything. Deny ALL access to floppy drives,
or CD. I have the machines on my home network
configured where they only CDs allowed are music CDs.
Any attempt to install any other CD, will result in the
computer sending a signal to the CD drive to open the
CD door, and then a message comes up saying that
CD is not authorized. SOS Kidproof can do this,
Windows XP/2000 cannot. You can deny access to
any drive or folder quite easily with a combination of
both programs.
     Its also cheaper. You can add bProtected and
SOS Kidproof for about $100 per machine, with a site
license, Win XP/2000 will cost $400 per machine to
add. So you see, my solution is cheaper, more powerful,
and FAR more secure.

> advocate it as "more stable and more secure". It will definitely reduce
> your time spent fixing the computers, as some web-based companies have
found
> out (and done research on).
>
> >
> > thans for help
> > Tomek
> >
> >
>
> No problem. I feel for you, dude. I know it's annoying.
>
>

Relevant Pages

  • Re: Unscheduled System Restore at Every Startup?
    ... I discovered the registry entry with RegRun and realised what was ... I note the workaround for stopping XP monitoring external drives and that it ... Should I let System Restore monitor my external hard ...
    (microsoft.public.windowsxp.general)
  • Re: Unscheduled System Restore at Every Startup?
    ... I discovered the registry entry with RegRun and realised ... By default System Restore in WinXP monitors all partitions it sees, ... including most jump drives and external drives. ... It has stopped monitoring the volume. ...
    (microsoft.public.windowsxp.general)
  • =?Utf-8?Q?Re:_After_reg_clean_XP_Home=2C_my_?= =?Utf-8?Q?_Office_2003_=E2=80=9Ccannot_read_r
    ... I thank you for the info about System Restore. ... since my Sys Restore was monitoring ... I cut out all drives except ... Sys Restore will really do for me is restore registry files, OS, ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: autorun configuration
    ... the value in the registry is 0x95. ... DRIVE_UNKNOWN, DRIVE_REMOVEABLE, and DRIVE_REMOTE don't use AutoPlay ... How to Enable or Disable Automatically Running CD-ROMs ... |I cannot figure out to turn off autorun for my USB drives under Windows XP. ...
    (microsoft.public.windowsxp.basics)
  • Re: XP Logging on then immediately logging off
    ... Backing up the System registry file is extremely simple: ... Run regedit and load the System hive of the problem disk, ... Forget it and reload Windows from scratch. ... drives: G and H. How could it be set up this way if it is incorrect? ...
    (microsoft.public.windowsxp.general)