C
Christopher Hota
Hi All-
We've recently been tasked with providing a little control as to what users
can/can't run in our computer labs here at UW-Milwaukee.
I'm familiar with creating a "ban list" of application NAMES (such as
kazaa.exe), but some of our more... uh, "nefarious" lab users have figured
out that they can bypass the settings (in USER\Adm.
Templates\System\Policy\don't run specified Windows applications\) by simply
renaming the executable and then running it.
I've heard (somewhere) that there's a method of taking "fingerprints" or
hashes of programs, and then adding those to a GPO so that users can't run
any apps that match. Was I dreaming? There *has* to be a better way of
restricting application use.
Please help!!!
chris.
/ Chris Hota ([email protected])
| ITPS Supervisor - (R&D)
| CSC/IT Purchasing & Support
| I&MT/Student Technology Services
| UW-Milwaukee
| Bolton 218 - (414)229-3186
\ Cell Phone - (414)840-4682
We've recently been tasked with providing a little control as to what users
can/can't run in our computer labs here at UW-Milwaukee.
I'm familiar with creating a "ban list" of application NAMES (such as
kazaa.exe), but some of our more... uh, "nefarious" lab users have figured
out that they can bypass the settings (in USER\Adm.
Templates\System\Policy\don't run specified Windows applications\) by simply
renaming the executable and then running it.
I've heard (somewhere) that there's a method of taking "fingerprints" or
hashes of programs, and then adding those to a GPO so that users can't run
any apps that match. Was I dreaming? There *has* to be a better way of
restricting application use.
Please help!!!
chris.
/ Chris Hota ([email protected])
| ITPS Supervisor - (R&D)
| CSC/IT Purchasing & Support
| I&MT/Student Technology Services
| UW-Milwaukee
| Bolton 218 - (414)229-3186
\ Cell Phone - (414)840-4682