Educause Security Discussion mailing list archives

Re: Keyloggers in computer labs


From: James Cooley <jcooley () FIT EDU>
Date: Mon, 6 Feb 2006 22:40:08 -0500

We've actually run into the same kinds of issues with various pieces
of software not running properly as an administrator or power user.
The main culprits are engineering and CAD software such as
Pro/Engineer, AutoCAD, and AspenTech.

Our solution has been to use the free utilities filemon and regmon
from http://www.sysinternals.com/

With these pieces of software, you can see exactly what files and
registry keys your problematic software is trying to access and
modify. With this information, you can relax security on just those
discrete bits of the registry or filesystem that the programs will
need to run as a non-administrator user. With all of the necessary
permissions in place, your software will run happily as a user with
restricted access.

--James Cooley




On Feb 6, 2006, at 9:08 PM, Kay Sommers wrote:

How are you protecting your computer labs from the installation of
keyloggers? Lab managers want to use local administrator or power
user accounts on these machines so that various applications run
properly, but of course, that exposes these public machines to the
possibility of anything being installed. Re-imaging or return
point strategies such as Deep Freeze still leave the machines
vulnerable for a certain period of time.
What approaches are being used to protect public machines other
than not allowing privileged logins?
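
The triage step described in the reply above (collect what the application was denied, then relax permissions only there), as an added example that is not part of the original messages. The CSV layout, the sample rows and the application name `cadapp.exe` are assumptions made for this example and are not Filemon's or Regmon's real export format; paths that hold executable code or autostart settings are held back for manual review, because user write access there would undo the point of the restricted account.

```python
import csv
import io

# Constructed sample; column names, rows and "cadapp.exe" are assumptions for
# this example, not the real Filemon/Regmon export layout.
SAMPLE_LOG = r"""process,operation,path,result
cadapp.exe,WriteFile,C:\Program Files\CadApp\config\user.ini,ACCESS DENIED
cadapp.exe,WriteFile,C:\Program Files\CadApp\config\user.ini,ACCESS DENIED
cadapp.exe,SetValue,HKLM\Software\CadApp\Settings\LastProject,ACCESS DENIED
cadapp.exe,OpenFile,C:\Program Files\CadApp\bin\render.dll,SUCCESS
cadapp.exe,WriteFile,C:\Program Files\CadApp\bin\render.dll,ACCESS DENIED
cadapp.exe,SetValue,HKLM\Software\Microsoft\Windows\CurrentVersion\Run\CadUpdater,ACCESS DENIED
explorer.exe,WriteFile,C:\Windows\temp.dat,ACCESS DENIED
"""

# Places where user write access would let code be replaced or auto-started.
SENSITIVE_PARTS = (r"\currentversion\run", r"c:\windows", r"\system32")
CODE_EXTENSIONS = (".exe", ".dll", ".sys", ".bat", ".cmd")


def denied_targets(log_text, process):
    """Map each path the process was denied on to the set of denied operations."""
    targets = {}
    for row in csv.DictReader(io.StringIO(log_text)):
        if row["process"].lower() == process.lower() and row["result"] == "ACCESS DENIED":
            targets.setdefault(row["path"], set()).add(row["operation"])
    return targets


def needs_review(path):
    """True when the path should not be opened up without a manual decision."""
    p = path.lower()
    return p.endswith(CODE_EXTENSIONS) or any(part in p for part in SENSITIVE_PARTS)


def build_plan(log_text, process):
    """Split denied paths into narrow-grant candidates and items held for review."""
    grant, review = [], []
    for path in sorted(denied_targets(log_text, process)):
        (review if needs_review(path) else grant).append(path)
    return grant, review


if __name__ == "__main__":
    grant, review = build_plan(SAMPLE_LOG, "cadapp.exe")
    for path in grant:
        print("candidate for a narrow permission change:", path)
    for path in review:
        print("hold for manual review:", path)
```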
