aruphelp
asked on
How can we ban music sharing and external hard drives?
our company is having a big problem with music and software sharing, we can ban file shares but users are bringing in music and other illegal material on usb pens and external hard drives, we dont want to ban usb devices as staff need them frequently for work, but is there a way to specify a certain hard drive limitaion?
we have viewed peoples hard disks and they all have the same albums and cracked software, but disciplining them is a real grey area as we shouldn't spy on them.
we have written a script to delete .mp3/.wma ect but this interferes with windows system files and installed software. we know about treesize for our server drives, but local drives are a big problem for us. its mainly a local drive issue, is there any software out there or good pre-written scripts?
Any ideas??
we have viewed peoples hard disks and they all have the same albums and cracked software, but disciplining them is a real grey area as we shouldn't spy on them.
we have written a script to delete .mp3/.wma ect but this interferes with windows system files and installed software. we know about treesize for our server drives, but local drives are a big problem for us. its mainly a local drive issue, is there any software out there or good pre-written scripts?
Any ideas??
As stated, good policies are the place to start next is enforcing them. Here are some great policies that you can easily make your own:
http://www.sans.org/resources/policies/
There are GroupPolicies in active directory to prevent external usb's and harddrives... but burned CD's can still be brought in
http://www.microsoft.com/technet/windowsvista/library/9fe5bf05-a4a9-44e2-a0c3-b4b4eaaa37f3.mspx
http://support.microsoft.com/kb/555324
There is also a few 3rd parties too http://www.fullarmor.com/products-intellipolicy.htm
I've consulted for many companies in the same situation, and when the PC's are company owned, so is all the data on it, and your not spying. If you have policies in place that state this fact all the better. You may need to consider ghosting or reimaging the PC's and get them all back to "square" if possible. HR should handle the reitteration of the company policies, everyone gets a clean-slate, past possible violations are forgotten, going forward violations will be acted upon per company policy.
If you can take away admin rights, you'll have far less to worry about for installed software such as P2P's. You may also consider implimenting snort which can detect many of the popular programs. It's not enough to put in policies and check up on them here an there, you need to check all the time really.
-rich
http://www.sans.org/resources/policies/
There are GroupPolicies in active directory to prevent external usb's and harddrives... but burned CD's can still be brought in
http://www.microsoft.com/technet/windowsvista/library/9fe5bf05-a4a9-44e2-a0c3-b4b4eaaa37f3.mspx
http://support.microsoft.com/kb/555324
There is also a few 3rd parties too http://www.fullarmor.com/products-intellipolicy.htm
I've consulted for many companies in the same situation, and when the PC's are company owned, so is all the data on it, and your not spying. If you have policies in place that state this fact all the better. You may need to consider ghosting or reimaging the PC's and get them all back to "square" if possible. HR should handle the reitteration of the company policies, everyone gets a clean-slate, past possible violations are forgotten, going forward violations will be acted upon per company policy.
If you can take away admin rights, you'll have far less to worry about for installed software such as P2P's. You may also consider implimenting snort which can detect many of the popular programs. It's not enough to put in policies and check up on them here an there, you need to check all the time really.
-rich
ASKER
Is there a good batch file that would remove .mp3 .wav .wma files but could avoid the program files and windows folder?
Sure, batch files are easy to write, you have a few choices in how you would implement them, a scheduled task on each of the users pc's, a scheduled task on a remote pc.
This script can be copied to a text file and renamed from .txt to .vbs, then all you have to do is schedule the task
strComputer = "."
WScript.Echo "=========================
WScript.Echo "Computer: " & strComputer
WScript.Echo "=========================
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colFiles = objWMIService.ExecQuery _
("Select * from CIM_Datafile Where Extension = 'mp3' OR Extension = 'wav' OR Extension = 'wma'")
For Each objFile in colFiles
Wscript.Echo "Name: " & objFile.Name
Next
or you can put in a list of PC's if you wish to do this remotely from another pc, just change the first line like this:
strComputer = "10.10.10.10", "10.10.10.11", "10.10.10.12"
or...
strComputer = "PcName1", "Pcname2", "PcName3"
Just quote the name and or ip's and separate with a comma. To call this script create a batch file (a .txt file renamed to .bat) Just need this line
cscript /nologo find-audio.vbs
(find-audio.vbs is the name of the script above) You can simply create a scheduled task that points to the batch file.
That script will echo the Computers name, and list each file on the pc. Output looks like this
Name: c:\program files\ahead\nero\boo.wav
Name: c:\program files\ahead\nero\dingdong.
Name: c:\program files\ahead\nero\trumpet1.
Name: c:\program files\msn messenger\newalert.wma
Name: c:\program files\msn messenger\newemail.wma
Name: c:\program files\msn messenger\nudge.wma
Name: c:\program files\msn messenger\online.wma
I've not sorted out how to exclude certain directories yet... perhaps a pointer to this question in the VBS TA
https://www.experts-exchange.com/Programming/Programming_Languages/Visual_Basic/
-rich
This script can be copied to a text file and renamed from .txt to .vbs, then all you have to do is schedule the task
strComputer = "."
WScript.Echo "=========================
WScript.Echo "Computer: " & strComputer
WScript.Echo "=========================
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colFiles = objWMIService.ExecQuery _
("Select * from CIM_Datafile Where Extension = 'mp3' OR Extension = 'wav' OR Extension = 'wma'")
For Each objFile in colFiles
Wscript.Echo "Name: " & objFile.Name
Next
or you can put in a list of PC's if you wish to do this remotely from another pc, just change the first line like this:
strComputer = "10.10.10.10", "10.10.10.11", "10.10.10.12"
or...
strComputer = "PcName1", "Pcname2", "PcName3"
Just quote the name and or ip's and separate with a comma. To call this script create a batch file (a .txt file renamed to .bat) Just need this line
cscript /nologo find-audio.vbs
(find-audio.vbs is the name of the script above) You can simply create a scheduled task that points to the batch file.
That script will echo the Computers name, and list each file on the pc. Output looks like this
Name: c:\program files\ahead\nero\boo.wav
Name: c:\program files\ahead\nero\dingdong.
Name: c:\program files\ahead\nero\trumpet1.
Name: c:\program files\msn messenger\newalert.wma
Name: c:\program files\msn messenger\newemail.wma
Name: c:\program files\msn messenger\nudge.wma
Name: c:\program files\msn messenger\online.wma
I've not sorted out how to exclude certain directories yet... perhaps a pointer to this question in the VBS TA
https://www.experts-exchange.com/Programming/Programming_Languages/Visual_Basic/
-rich
ASKER
Thanks for the help guys, its just fine tuning i need really, ideally a well equipped batch file that we could run that would delete the music but avoid the windows folder ect. i cant seem to find a solid solution anywhere.
I'm working on a script to take all permissions away from audio files, and only allow the local administrator account to access them, that way they are still recoverable if you grab the wrong file... and it will tick users off :)
-rich
-rich
OK this might sound wierd...but do they NEED audio for anything? Instead of hunting down all the files, just disable the playback hardware.
Just disable the sound!
Mandatory user profiles, alerts and alarms when bypassed, removal of auido capabilities from supplied software, etc
The seek and destroy sound files seems a bit heavy handed as the first step.
PS it's a fine line...getting them pissed off enough to behave....but not pissed off enough to misbehave!!
Just disable the sound!
Mandatory user profiles, alerts and alarms when bypassed, removal of auido capabilities from supplied software, etc
The seek and destroy sound files seems a bit heavy handed as the first step.
PS it's a fine line...getting them pissed off enough to behave....but not pissed off enough to misbehave!!
The playback isn't the point... it's the downloading and possible legal action from such groups as the RIAA or fellow employees turned extortionists that might try to make trouble. It's not uncommon that a disgruntled/downsized employee will try to report lack of software licenses or the fact that P2P software is allowed at the company. I've seen these scenarios a few times in my consulting years, and it does happen. But I also think the asker is trying to curb any possible illegal activity as well as keep users focused and more on task, not to mention keeping viri exposure and other potential nasties away.
If there are company policies against using such software, and personal music stored on the PC is also not permitted, you may also consider posting alternatives that are acceptable, catch more flies with honey if you will. If music on the PC is not permitted, perhaps you can clarify to the users that a walkman/discman or small portable radio/cd/tape player is allowed as long as it does not disturb others...
I'll work a bit more on the script tomorrow, but I'd suspect you'd get a better answer from another TA such as:
https://www.experts-exchange.com/Programming/Programming_Languages/Visual_Basic/
-rich
If there are company policies against using such software, and personal music stored on the PC is also not permitted, you may also consider posting alternatives that are acceptable, catch more flies with honey if you will. If music on the PC is not permitted, perhaps you can clarify to the users that a walkman/discman or small portable radio/cd/tape player is allowed as long as it does not disturb others...
I'll work a bit more on the script tomorrow, but I'd suspect you'd get a better answer from another TA such as:
https://www.experts-exchange.com/Programming/Programming_Languages/Visual_Basic/
-rich
ASKER
Our company has a central IT base in london and there is no way any member of staff can access file sharing, p2p, torrents ect, it would never get past the proxy server/firewall, our users only have power user rights so they cant install any software, basically they are exchanging cd's and ripping them to their hard drives, brining in copied cd's and sharing them, or using portable 1gb pen drives and 60gb external usb hard drives and sharing music they have downloaded at home on torrents sites.
our company policy clearly states that copywright is prohibited, but at the same time we cant randomly search computers as it is a breach of privacy. so we want to run a file that will wipe them off the drives, they cant then come back to us and say 'you've deleted my 75 illegal albums that i had on my computer'
pccpr is right about the fine line, we have some top engineers who bring in big money, but their c: drive has 29gig of albums on it!! do we want to ring them up and tell them off, or do we just have a script that sorts it and we can shrug our shoulders and say its company policy.
we can just ignore it but when i comes to users saying my computer is rubbish and slow.......we find tons of illegal albums and cracked games......stressing or what!! i may have to move this request like richrumble says :(
our company policy clearly states that copywright is prohibited, but at the same time we cant randomly search computers as it is a breach of privacy. so we want to run a file that will wipe them off the drives, they cant then come back to us and say 'you've deleted my 75 illegal albums that i had on my computer'
pccpr is right about the fine line, we have some top engineers who bring in big money, but their c: drive has 29gig of albums on it!! do we want to ring them up and tell them off, or do we just have a script that sorts it and we can shrug our shoulders and say its company policy.
we can just ignore it but when i comes to users saying my computer is rubbish and slow.......we find tons of illegal albums and cracked games......stressing or what!! i may have to move this request like richrumble says :(
I can't seem to script this to a very reliable way, I'd put a pointer to this question in the TA I linked above, or have the moderators move the question. What would be even funnier through is to replace the files you find with an equivalent file that tells them they have broken company policy ;)
replace mp3 files with an mp3 of someone reading the policies, or a wav with that same mp3 converted ;)
I would also stress that if there are alternatives, such as users are allowed to use personal players such as a iPod, Walkman, Sirrus, or portable cd player- that you indicate that alternative to them. Also reminding them that they are not allowed to bring in and store audio/video files on your company PC's.
The script I posted above will detect most popular file Audio extensions, you may also consider trying to detect AV files, such as Avi, mpg, mpeg, rm, divx, mov, qt, and wmv
I can't seem to get my head around a good "IF" statement that will allow you to exclude certain filenames and or paths. I would create a list of known good files and their paths, and someone can code up a statement to skip those. To be thorough it's best if you have a white-list like this, users might get wise and determine that they can copy their files to a certain DIR and they won't be deleted... all it takes is one user that finds such an exception to spread the word...
Hopefully your company doesn't make jingles or company songs , you might delete a lot of hardwork :)
-rich
replace mp3 files with an mp3 of someone reading the policies, or a wav with that same mp3 converted ;)
I would also stress that if there are alternatives, such as users are allowed to use personal players such as a iPod, Walkman, Sirrus, or portable cd player- that you indicate that alternative to them. Also reminding them that they are not allowed to bring in and store audio/video files on your company PC's.
The script I posted above will detect most popular file Audio extensions, you may also consider trying to detect AV files, such as Avi, mpg, mpeg, rm, divx, mov, qt, and wmv
I can't seem to get my head around a good "IF" statement that will allow you to exclude certain filenames and or paths. I would create a list of known good files and their paths, and someone can code up a statement to skip those. To be thorough it's best if you have a white-list like this, users might get wise and determine that they can copy their files to a certain DIR and they won't be deleted... all it takes is one user that finds such an exception to spread the word...
Hopefully your company doesn't make jingles or company songs , you might delete a lot of hardwork :)
-rich
ASKER
thanks, how do i get a moderator to move the question?
Fastest way is to place a Q here: https://www.experts-exchange.com/Community_Support/
-rich
-rich
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You can stop this only by User education and bringing some strict security policies and request your users to adhere to it.
Cheers!