R is considered the predominant language for data scientist and statisticians. Learn how to use R for your own data science projects.
An unusual situation.
I support a Resident Community which makes available to its residents (who don't own a PC of their own) 3 PC's (Win10 Pro) installed in a "common area".
Someone bent on playing pranks has been corrupting the computers by deleting programs and/or "resetting" the computers to factory settings, forcing a re installation of the OS and the programs (Word, Excel, etc....)
I have resorted to a program called "Deep Freeze" which returns a computer to the state it was in at Log In, regardless what was done. The program is password protected.
Somehow "someone" has gotten around the program and continues to perform their mischief,
Question: Has anyone encountered a similar situation and found a remedy? Please help!
Thanks,
Biggles
Someone bent on playing pranks has been corrupting the computers by deleting programs and/or "resetting" the computers to factory settings, forcing a re installation of the OS and the programs (Word, Excel, etc....)
I have resorted to a program called "Deep Freeze" which returns a computer to the state it was in at Log In, regardless what was done. The program is password protected.
Somehow "someone" has gotten around the program and continues to perform their mischief,
Question: Has anyone encountered a similar situation and found a remedy? Please help!
Thanks,
Biggles
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Have I seen this? No.
Can you put a much stronger password on Deep Freeze? Would that stop the attacker from breaking Deep Freeze?
Can you put a much stronger password on Deep Freeze? Would that stop the attacker from breaking Deep Freeze?
I have resorted to a program called "Deep Freeze" which returns a computer to the state it was in at Log In, regardless what was done. The program is password protected.Now I have to ask some questions:
Somehow "someone" has gotten around the program and continues to perform their mischief,
1) How strong is the password for Deep Freeze?
2) What sort of rights are on the account that the users have access to?
3) How strong is the password of the administrator account on the machine?
4) Did you lockdown the BIOS (they may very well be using a bootable device to tinker with the administrator account)
5) Have you considered utilizing Kiosk Mode for those machines?
Please read about the limitations of Deepfreeze and tell me if those could apply to your setup: https://en.wikipedia.org/wiki/Deep_Freeze_(software)
From masnrock:
Now I have to ask some questions:
1) How strong is the password for Deep Freeze?
Answer: 9 Characters mix of letters and numbers (all lower case)
2) What sort of rights are on the account that the users have access to?
Answer: User
3) How strong is the password of the administrator account on the machine?
Answer: 10 Characters mix of letters and numbers (all lower case) one special character
4) Did you lockdown the BIOS (they may very well be using a bootable device to tinker with the administrator account)
Answer: No. But I should try that!
5) Have you considered utilizing Kiosk Mode for those machines?
Answer: No! Excellent Idea!!!! How do you do that?
Now I have to ask some questions:
1) How strong is the password for Deep Freeze?
Answer: 9 Characters mix of letters and numbers (all lower case)
2) What sort of rights are on the account that the users have access to?
Answer: User
3) How strong is the password of the administrator account on the machine?
Answer: 10 Characters mix of letters and numbers (all lower case) one special character
4) Did you lockdown the BIOS (they may very well be using a bootable device to tinker with the administrator account)
Answer: No. But I should try that!
5) Have you considered utilizing Kiosk Mode for those machines?
Answer: No! Excellent Idea!!!! How do you do that?
Deep freeze: Try a password with upper, lower characters, a special character, and a number.
User is fine so they are not administrators.
Admin password: same advice as Deep freeze password.
Make sure you are using UEFI with Secure Boot ON. That prevents others from starting the machine.
User is fine so they are not administrators.
Admin password: same advice as Deep freeze password.
Make sure you are using UEFI with Secure Boot ON. That prevents others from starting the machine.
Please respond to all suggestions so we have a clear picture.
As for kiosk mode: question is, what you want to do with that machine. A secure setup that no one can temper with needs modern apps (like the edge browser) in order to use windows' assigned access feature.
As for kiosk mode: question is, what you want to do with that machine. A secure setup that no one can temper with needs modern apps (like the edge browser) in order to use windows' assigned access feature.
I researched Kiosk mode and I have de3cided against it.
Next I will try locking down the BIOS. For that I have to go onsite. I will inform you all when I do that.
Next I will try locking down the BIOS. For that I have to go onsite. I will inform you all when I do that.
You asked, "Question: Has anyone encountered a similar situation and found a remedy?"
John answered, "Ensure all residents are Standard Users (not Admin)."
So... you can use John's simple solution + problem is solved instantly.
Or you can use a complex/expensive/time-con
Standard users can't change admin level files.
John answered, "Ensure all residents are Standard Users (not Admin)."
So... you can use John's simple solution + problem is solved instantly.
Or you can use a complex/expensive/time-con
Standard users can't change admin level files.
I researched Kiosk mode and I have de3cided against it.
I have tried locking down the BIOS, its been 48 Hours. I also changed the password (Login as well as Bios) to something really complicated. In thew Bios I disabled the DVD/CD so no one will be able to use a "Password breaking" software which boots from a DVD.
So Far so good.
I will keep you all informed in a couple days.
I have tried locking down the BIOS, its been 48 Hours. I also changed the password (Login as well as Bios) to something really complicated. In thew Bios I disabled the DVD/CD so no one will be able to use a "Password breaking" software which boots from a DVD.
So Far so good.
I will keep you all informed in a couple days.
"no one will be able to use a "Password breaking" software which boots from a DVD" - then he will use USB boot, or boot a different drive if he can open the case. It would be best to encrypt the hard drive with bitlocker if that does not break deep freeze. That keeps people from breaking in and modifying data offline, changing passwords and so on - it is part of the very baseline of any security concept as all other measures fail when it comes to offline manipulation.
Premium Content
You need an Expert Office subscription to comment.Start Free Trial