Link to home
Start Free TrialLog in
Avatar of USSteel
USSteelFlag for United States of America

asked on

Registry Key or Files to detect bootleg copy of Windows?

I'm interested in blocking VPN connections from pirated copies of Windows.

Are there any files or registry keys I could search for on a client to indicate a copy of Windows hasn't been activated or has failed the Windows Genuine Authentication?
ASKER CERTIFIED SOLUTION
Avatar of motnahp00
motnahp00
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of USSteel

ASKER

Hmm, I'll take a look at that and see if it works.

I'm using Cisco's ASA for VPN.  There is an endpoint assessment portion of the client that can do basic checks for files, registry keys, etc.

I'm trying to evaluate if some of the features I am desiring (like evaluating if the OS is pirated) are available using the basic endpoint assessment.
SOLUTION
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of USSteel

ASKER

I'm not concerned with the issue of whether software is pirated.  I'm looking for indicators that a system is at risk for malware.

If an end user is connecting with a non-genuine or not yet activated product, it most likely isn't getting patched.
Avatar of USSteel

ASKER

Not exactly what I had hoped for, but good insight.
Your logic is flawed.

Equating non-genuine/not activated to malware risk is a null argument. A Genuine Activated system is not necessarily a fully patched system.  Just a casual perusal of the number of people with genuine software on this site that have been victims of malware should show you the fallacy of your argument.

The best defense is minimum permissions and educated users.