1. Home
  2. Land Rover 4WD vehicles
  3. OT ROT Network Security

OT ROT Network Security

I need a software solution to stop one particular user on our network downloading and running cr*p on his pc.

Not dangerous and malicious stuff which the firewall and av software should catch, just the annoying useless tat which ends up clogging machines, hogging resources and wasting my time when I have to go and clean the damn thing up again.

(You will have guess by now that the network is small and informal, and network admin is not my job, just something I do!).

What I want is a piece of software something like the XP download nagger ("some software can be dangerous do you really want to download this?") which pops up and asks for a password to continue with the download, or else a setting in IE which just disables the facility to pull software off the net.

Machine is running Win98se, IE6.0 SP1.

I ought to mention that my preferred solution of repeatedly poking the muppet with a sharp stick until he desists has already been rejected by management.

David

Reply to
rads
Loading thread data ...

go to Internet options, then Security, then Custom level. Scroll down to file download, then choose Disable. make sure you do this without him seeing otherwise he'll go back and change it back again.

Surely time for an upgrade? If it was 2000 or XP and youre running Active Directory then you could force the above setting upon him and he'd have no choice in the matter...

if he's not doing his job properly, surely management should have a word with him!

Reply to
Pacman

Hmm... Sounds like an id-IOt interface error to me:

formatting link

Reply to
Mother

Why not simply asking the management for some straight rules, and when they are violated the first time, the guy gets a harsh letter not to do this any more, and on the second occasion he gets fired?! Technical solutions just lead to (paid!) time consuming attempts to defeat them, and it should not be necessary to spend hours and days to block content while some simple rules could solve the problem within two hours...

Reply to
Ralph A. Schmid, DK5RAS

Heartily agree.

However, it just ain't going to happen.

Have applied pacman's solution for now.

Have also left Martyn's link on the destop but suspect he will be having a 747 moment when he reads it.

David

Reply to
rads

I have found that blocking web-sites domains etc, at the firewall seems to help, not just from abusers (not that we have any at present) but blocking all the web-sites of those crappy "free (I'll spy on your browsing) fun utillites" which like to report back to customise displayed adverts etc.

Now and again I scan the firewall log to see what un-recognised sites are being accessed frequently and just block them.

Spotting favourite sites from IP add. of user would be a good starting place. As his sites keep dropping he may eventually get the message.

or just ban access to any website that is suffixed with .com

:¬)

Reply to
PeTe33

enterprise activity monitor from omniquad

formatting link

doddle to setup and really useful too

i run 2000 desktops with it on

and if you do use it, make sure to tell them Si Kellow recommended you

Si

Reply to
SiK

An office/work network I take it?

Make them do it.

Sack him/her for misuse of company equipment. Seriously, it's gross misconduct. People like that are the biggest security risk on a network.

They are costing money to fix something which they are not supposed to be doing and have been instructed not to do. I used to work in an office which had about 30 Windows PCs and the few people who ignored instructions and downloaded whatever they wanted were the biggest wastes of space we had ever seen.

Get rid of the source of the problem instead of wasting time and money fixing the problems they cause.

Anyway, you can't lock someone out of Windows98 because the file system doesn't support it. You could switch to a Linux system or maybe XP/2000 but really why should you go to that effort and expense because of them?

Can you move his/her desk so that you can watch what they are doing?

Alternatively remove all network access and let the everone know who is the cause.

Reply to
PDannyD

Thanks for that - I've forwarded the URL to a couple of my more painful users. Hopefully they'll get the message.

Reply to
EMB

The difference between a computer and a user being...

...you only need to punch information into a computer once.

Reply to
Mother

On Wed, 07 Sep 2005 10:04:18 +0100, Mother scribbled the following nonsense:

have you got a spare keyboard I can nick this afternoon, you now owe me one........

Reply to
Simon Isaacs

You can force group policy settings on locally too y'know. You dont need to be in an active directory domain. Just run 'gpedit.msc'. Dont lock the machine down too far else you will have fun undoing the changes!

Reply to
Tom Woods

MotorsForum website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.