|
01-27-2005, 07:15 PM
|
#1 (permalink) |
|
WaterDog
|
disabling AIM
okay, i want to prevent AIM from being installed and used on a computer.... i tried blocking out the site using security, but it still lets you download it with max security... is there anything i can do to restrict AIM from being installed or opened on windows XP???
...it's for a school classroom, to prevent students from putting it on
__________________
    ...AquaFox... |
|
|
01-27-2005, 07:27 PM
|
#2 (permalink) |
|
Psycho
Location: Firefox yourself and change the world!
|
get the system admin to block all aol websites? Thats all i can think of. Or if you catch the students installing "unauthorized" programs on the computers at school you can always send them to detention.
__________________
I'll make ya famous! |
|
|
|
01-28-2005, 12:04 AM
|
#5 (permalink) |
|
Go Cardinals
Location: St. Louis/Cincinnati
|
I have no idea how my school admin did it but they had this setup:
We had several accounts created on our school laptops: Home (unrestricted), School (restricted), and Administrator (administrator). On the school account, WMP, AIM, KaZaA Lite, any non-school; program was denied from opening with some message like "Your account has been restricted from opening this program." There has to be a way to limit certain programs individually.
__________________
Brian Griffin: Ah, if my memory serves me, this is the physics department. Chris Griffin: That would explain all the gravity. |
|
|
|
01-28-2005, 01:25 AM
|
#6 (permalink) | |
|
Loves my girl in thongs
Location: North of Mexico, South of Canada
|
Quote:
Once the machine is configured to the spec wanted by the school, edit the permissions. Create a list of the currently installed products and their associated program files folders. Gives these folders and programs usual access rights. Set rules to deny all others. Unless a student was crafty enough to install aim into say the photoshop folder in program files, you've killed it's access.
__________________
Seen on an employer evaluation: "The wheel is turning but the hamsters dead" ____________________________ Is arch13 really a porn diety ? find out after the film at 11. -Nanofever |
|
|
|
|
01-28-2005, 06:53 AM
|
#7 (permalink) | |
|
Muffled
Location: Camazotz
|
Quote:
__________________
it's quiet in here |
|
|
|
|
01-28-2005, 08:11 AM
|
#8 (permalink) | |
|
Psycho
Location: Metro Detroit, Mich, USA
|
Quote:
__________________
Tommy Nibs is a funny word. So here I am, above palm trees, so straight and tall... You are, smaller getting smaller, but I still see... you. Jimmy Eat World - Goodbye Sky Harbor |
|
|
|
|
01-28-2005, 12:46 PM
|
#9 (permalink) |
|
WaterDog
|
i'll see if theres anyway to deny rights to that folder
lol, the one person keeps installing it and hiding the files, by renaming the start menu folder to names that resemble educational software, but i know the computer like the back of my hand soo that doesn't work, and they also hide the installer in random places like programfiles and my documents
__________________
...AquaFox... |
|
|
|
01-28-2005, 05:41 PM
|
#10 (permalink) |
|
Devils Cabana Boy
Location: Central Coast CA
|
what perms do the students have, they dont have full admin do they?
if they dont, instal aim, then remove the perms for the folder it is installed to. that should stop it from running and they. is it xp home or pro? ill toy around with it and ill get back to you.
__________________
Donate Blood! "Love is not finding the perfect person, but learning to see an imperfect person perfectly." -Sam Keen |
|
|
|
01-28-2005, 08:01 PM
|
#11 (permalink) |
|
I am not permanent.
Location: Tennessee
|
Why not just set a group policy at the domain to disallow the AIM executable file from being run? You could do it per machine if you wanted, providing you're using XP pro.
__________________
If you're flammable and have legs, you are never blocking a fire exit. - Mitch Hedberg |
|
|
|
01-28-2005, 08:02 PM
|
#12 (permalink) |
|
Submit to me, you know you want to
Location: Lilburn, Ga
|
keep in mind aim express.....they have blocked all usage of yahoo, msn, and aim where I work....but aim express (I guess since its web based) has no problem at all working
__________________
I want the diabetic plan that comes with rollover carbs. I dont like the unused one expiring at midnite!! |
|
|
|
01-28-2005, 08:14 PM
|
#13 (permalink) |
|
I am not permanent.
Location: Tennessee
|
Good point ShaniFaye. Maybe an ACL at the firewall to disallow all traffic to and from the AIM port ranges. Unless AIM express runs over port 80. In which case, restrict the site. I'm sure there will always be a way to get around it but hopefully the kids would give up after being met with such resistance.
On another note, take a look at <a href="http://www.faronics.com/">Deep Freeze</a>. If they install AIM, walk up behind them and restart the computer. Bye bye AIM.
__________________
If you're flammable and have legs, you are never blocking a fire exit. - Mitch Hedberg |
|
|
|
01-28-2005, 08:34 PM
|
#14 (permalink) | |
|
WaterDog
|
Quote:
awsome awsome, i've seen a computer lab that reset itself like that alll the time, nothing would ever hold on it, i just never knew how they managed it i know its XP, not sure if it's pro or not... most likely it's not pro... i forget! there is only one acess level and you can do anything on it
__________________
...AquaFox... |
|
|
|
|
01-28-2005, 11:30 PM
|
#15 (permalink) |
|
Devils Cabana Boy
Location: Central Coast CA
|
deep freeze is great. we are starting to use it where i work, even with administrative privliges i cant screw up the system with out the password for deepfreeze.
__________________
Donate Blood! "Love is not finding the perfect person, but learning to see an imperfect person perfectly." -Sam Keen |
|
|
|
01-29-2005, 04:19 AM
|
#16 (permalink) | |
|
Submit to me, you know you want to
Location: Lilburn, Ga
|
Quote:
Im 99% positive it runs over port 80
__________________
I want the diabetic plan that comes with rollover carbs. I dont like the unused one expiring at midnite!! |
|
|
|
|
01-29-2005, 12:03 PM
|
#18 (permalink) |
|
I am Winter Born
Location: Alexandria, VA
|
AIM actually runs over any port that you tell it to. For a while, I ran mine over port 13 (daytime port), or the finger port - just for fun. AIM is built to get around any and every firewall you have set up. Short of flat out blocking all traffic to AOL's netblock, you'll be very hard-pressed to stop AIM.
The best solution is an operating system/active directory solution, restricting the user's rights to install programs. Unless you're running in an Active Directory/XP Professional or Win2000 Professional environment, you'll be hard-pressed to set up effective policies. A user can always install AIM onto a USB memory stick at home and bring it in, plug in the memory stick, and off he goes. |
|
|
|
01-29-2005, 12:28 PM
|
#19 (permalink) |
|
Submit to me, you know you want to
Location: Lilburn, Ga
|
But wouldnt the web based client run off port 80? I know the program itself can be configured for any port...
__________________
I want the diabetic plan that comes with rollover carbs. I dont like the unused one expiring at midnite!! |
|
|
|
01-29-2005, 03:13 PM
|
#20 (permalink) | |
|
Loves my girl in thongs
Location: North of Mexico, South of Canada
|
Quote:
__________________
Seen on an employer evaluation: "The wheel is turning but the hamsters dead" ____________________________ Is arch13 really a porn diety ? find out after the film at 11. -Nanofever Last edited by arch13; 01-29-2005 at 04:27 PM.. |
|
|
|
|
01-29-2005, 04:23 PM
|
#21 (permalink) |
|
Devils Cabana Boy
Location: Central Coast CA
|
Create a second user account for the students, make them just be a user, and not an administrator.
Right click on my computer and click manage On the left side of the window look for the local users and groups, it is under system tools. Expand it and click on users. In the right pane, it will show the user accounts on the system. Right click and click new user. Give it a name, like Student Don’t give it a password, deselect 'user must change password...' Select user cannot change password And select password never expires Click creates and then click done. Next open the control panel and open user accounts Click change the way users log on and off Make sure the use the welcome screen is not selected. Lastly for each of the other accounts on the computer besides the student one, give them a password. Click on them and select create a password. This will give them access only as a user which can not install programs.
__________________
Donate Blood! "Love is not finding the perfect person, but learning to see an imperfect person perfectly." -Sam Keen |
|
|
|
01-29-2005, 06:52 PM
|
#22 (permalink) |
|
Mjollnir Incarnate
Location: Lost in thought
|
You could also try Fortres 101. One of my old schools had this on the computers. Kept the kids from ripping the computers apart, but still let us do work. Keep your computer normal, and run AIM whenever.
Fortres 101 is damn near impossible to crack. Believe me, I tried.  I do, however, have some workarounds (somewhere) that you might be interested in. |
|
|
|
01-30-2005, 06:18 PM
|
#23 (permalink) |
|
back from sabbatical
Location: Mosptopia
|
something you might look at is X-setup Pro, it's a free windows tweak program, and you can use it to block access to a lot of programs. I've used it to give my little bro an account on my system that can keep him off of the 'net
__________________
You're not fat, You're just a giant ball of love, covered in anger. |
|
|
|
01-31-2005, 09:34 AM
|
#24 (permalink) |
|
Crazy
Location: Meechigan
|
The problem is that there are so many other programs that run AIM, like trillian, gaim, etc....
What I did (before we got a layer 7 filter) was block AIM using Snort. You can set it up to send a RST packet every time it sees an AIM packet, therefore never allowing it to fully connect (PM me if you want to know how to set this up). Unfortunately, this blocks the whole network, so if you want to allow other people, this may not be the way to go (unless you want to set up SSH tunnels for those people).
__________________
Freedom would be not to choose between black and white but to abjure such prescribed choices. - Theodor Adorno |
|
|
| Tags |
| aim, disabling |
|
|
