How can i block portable file

Dears;
In my company network, users have limited privileges because they are in Domain Users group.
one day i found most of them they have a portable games files that have EXE and PPS extensions. Those files are not need to make installations gust copy it from cd,flopy,email,....etc ,and play it
So how can I block these files from running?
SamizaghloulAsked:
Who is Participating?
 
theoaksConnect With a Mentor Commented:
you are not making a hash rule to block game files. you are making a hash rule to ALLOW specific files like ones your company uses. EVERYTHING else will be blocked.

i have explained how to block the excel files. by blocking vba from runnning in excel. thats the only way short of stopping them access to excel completely.
0
 
theoaksCommented:
using software restriction policies you can limit what executables can be run in on your workstations.

http://technet.microsoft.com/en-us/library/bb457006.aspx


0
 
SamizaghloulAuthor Commented:
Ok, this is a very good informations which i learned from your link.
I found the following part on your link that is said:
***************************************
To Make Policy for Managing all Software on a Machine
      -Default Security Level: Disallowed
      -Apply software restriction policies to the following users:
               All users except administrators.
      -Unrestricted Path Rules %WINDIR%
      -Unrestricted Path Rules %PROGRAMFILES%
***************************************
I did not test it yet.
BUT this is will not block the games scripts runing iside Exel and PowerPont file ,and surly will block exe files that runing i any boths that are not mentioned before..... is it right??

Regards

0
Choose an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

 
theoaksCommented:
you can disable the apps inside excel by decreasing the security levels to not allow vba content, but this would stop the users who are legitimately using excel macros.

as for the policy, that seems fine, alothough using hash method is far more secure.


0
 
jimmmgCommented:
here is a tool that can block certain fles from running, take a look here and u can have a free trial if interested:
www.employee-monitoring.net 
0
 
SamizaghloulAuthor Commented:
Dear jimmmg: This a monitoring software .I'm looking for restriction policies to prevent runnig all types of games either running through PowerPoint or excel or portable exe files.

Dear theoaks:Thanks for your help but still I need more restriction tools, because I don't know the name of games files and the user can changing these names.So i can't trace all names.

any help?
0
 
theoaksCommented:
if you use a hash policy, it doesn't matter what they name the file or game. you need to get a list of all allowed applications, and create an allow policy for these applications.

From the article i sent you:

"If an administrator knows all of the software that should run, then a software restriction policy can be applied to control execution to only this list of trusted applications.

Hash Rules

A hash rule is a cryptographic fingerprint that uniquely identifies a file regardless of where it is accessed or what it is named. An administrator may not want users to run a particular version of a program. This may be the case if the program has security or privacy bugs, or compromises system stability. With a hash rule, software can be renamed or moved into another location on a disk, but it will still match the hash rule because the rule is based on a cryptographic calculation involving file contents."

this means when a user tries to run an application that isnt apporved by your policy, it gets blocked, regardless of its name etc...

this is extremely affective technique and it is free on a windows network. by deploying through GPO.

0
 
SamizaghloulAuthor Commented:
thanks, but there is another way?
0
 
theoaksCommented:
other than paying for software, no.

not sure why you wouldn't want to use the supplied method.

it there, its free, it works. whether they rename or not.

if you want to pay for something, try this

http://www.browsecontrol.com/application.htm




0
 
SamizaghloulAuthor Commented:
Dear theoaks: To implement a Hash Method (Rule) ,Should I have the file itself to fetch out  the fingerprint for that file ,but in my case I don't know\have a list of files and every day I seeing new games with my users.
So, in this case I have to implement a path method (rule), but even this rule when I implemented it doesn't work.
One more thing I have to prevent games that are designed to be played inside PowerPoint and Excel
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.