amfony Posted July 19, 2006 Share Posted July 19, 2006 Hello, i am a relative newbie, i had some success with autoIT3 and automating some mail setups for my users romainf profiles. I am now back to use the unrelenting power of autoIT to do this ... I have users who can via our policy use usb devices to bring in and out work. AV is realtime on access scan so everything is sweet, however what i would like to stop is the introduction of EXE and ANY executable (including .au3, ,vbs, cmd, js, .pl) into users home folders and local drives. So the autoITscript i would like to create (im not asking to have stuff made for me i want to learn) would need to read for file extensions and prohibit thoes files on my system (IE any drive other then the drive it is coming from). If prohibiting is not possible, then a log of what usb drive had wat exe on it. Sorry if too vague, let me know Link to comment Share on other sites More sharing options...
Xenobiologist Posted July 19, 2006 Share Posted July 19, 2006 (edited) Hi, that won't get you much further. If you have such a script it prevents the user from coping it. OKay. So far so good. But your script has be to runned all the time checking for changes. And what about renaming the virus.exe to virus.123 and then after the script accepted it rename it to virus.exe? Many possibilities to ... I'm not willing to post bad comments, but I think it is better to make youself absoultely clear, of what you want to achieve in the end. So long, Mega Edited July 19, 2006 by th.meger Scripts & functions Organize Includes Let Scite organize the include files Yahtzee The game "Yahtzee" (Kniffel, DiceLion) LoginWrapper Secure scripts by adding a query (authentication) _RunOnlyOnThis UDF Make sure that a script can only be executed on ... (Windows / HD / ...) Internet-Café Server/Client Application Open CD, Start Browser, Lock remote client, etc. MultipleFuncsWithOneHotkey Start different funcs by hitting one hotkey different times Link to comment Share on other sites More sharing options...
Briegel Posted July 19, 2006 Share Posted July 19, 2006 @amfony,surely with AutoIt nothing could be impossible. But you have to see the effort. What about renamed files? You have to read and analyze every fileheader. Users (and admins?) shouldn't be able to close your program. Your program should be optimal run as a service. etc.I think if your security desires such a solution it's better to buy commercial software like DeviceWatch or DeviceLock® or other tools google find for you.In my company we're using DeviceWatch and CDWatch from IT Watch and both are absolutely functioning fine. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now