Tired of Counter-Strike
Page 1 of 4 123 ... LastLast
Results 1 to 10 of 39

Thread: Tired of Counter-Strike

  1. #1
    Junior Member
    Join Date
    Feb 2004
    Posts
    11

    Tired of Counter-Strike

    hey guys i work for a high skool ... we now introduced laptops to students .. but the problem is that students (after reseting the local admin password with bootcds) installed counterstrike and play that all day long ... i want a way to stop this .. i dont want a network cafe in the class the switch that i use a L2 d-link switch .. can i do something, anythign ?

    best regards
    ramzi chekkath

  2. #2
    If this is a cyber cafe, do they even need access to the CD drive? If not, disable it from user access.

  3. #3
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    If your switch is only operating at layer 2, you're going to have to add a layer 3 device. This can be as expensive or inexpensive as you choose. Depending on your resources.

    You'll have to stop them from connecting to the servers using a firewall or at the router.
    You could put a firewall/router between them and the border router and block them yourself (if you have the authority). You can do this with another router or look into something like smoothwall. Or, just a linux box with iptables. Only allow access to what they need and deny everything else.

    Disable their ability from booting to floppy, usb or CD and put a password on the BIOS so they can't reset the pwd.

    Don't they have to follow an AUP? Enforce the rules.
    Can't they be supended or detention (without the laptops) for tampering with the PCs and resetting the admin pwd?
    If you make an example out of a few of them, or contact parents... I'm sure the activity would stop.
    We'll make a network nazi out of you before long.
    The kids will dislike you just like most employees dislike their network admins / security admins.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  4. #4
    Banned
    Join Date
    Sep 2004
    Posts
    305
    Disable booting from CDs from BIOS and add a BIOS password. Done. =)

  5. #5
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Originally posted here by ;TT
    Disable booting from CDs from BIOS and add a BIOS password. Done. =)
    If you had read the thread... you'd have seen that I already said that.

    Also, not done. There are ways to reset the BIOS password too.
    IMO- You have to implement security in layers. One thing might work for a little bit... but before long you're going to be back at square one. As soon as one person figures it out... its everyone is going to be resetting the BIOS pwd.

    What grades are we talking here?
    I still think that the AUP and some old fashoned dicipline is going to be the best deterrant.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  6. #6
    Banned
    Join Date
    Sep 2004
    Posts
    305
    All security features have a way around them in the end... but disabling the boot from CD feature and then putting a BIOS password on is the best he can do other than actually removing the drives from the computers.

    Your idea for having a 3rd layer security device isn't that logical. Stopping the users from connecting to outside servers will only encourage them to bring other games that don't require internet access to play thus only furthering the problem.

    What I do agree with is striking down upon those who break the rules. Talk to deans or principals and have them take away offenders' computer privileges and/or start handing out referrals or what not, let them know that if they screw with the computers, that they'll pay for it.

  7. #7
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    ;TT: I understand your thinking and I agree with you. There are ways around practically any security that you put in place.

    Thats why I suggested layering. If he implements more than one layer then they 1. can't get admin priv. on a machine via resetting admin pwd. and 2. can't use unauthorized services.

    The only services I can see a student needing is http/https, ftp (maybe), pop3 and smtp (if not using http/https based email) and access to shared drives if there are any. Any other services should be allowed on a group basis if there is a legitimate reason for them. EG. AIM and other IM services has no place in school -- IMO. I realize that there are many different ways to get around traffic and port restrictions... but the idea again is layers. Proxy servers, snort, and firewalls can go a long way. There is no reason that I can think of to NOT limit outgoing traffic from a student subnet.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  8. #8
    Junior Member
    Join Date
    Feb 2004
    Posts
    11
    OK here is wat i missed !

    they are playing CS in class among each other .. that means one person runds the server while the others connect to him. now all wat i want to do is .. detect these ppl such activity in class and report them to the principle... this is wat i finaly decided to do .. i think ill use ethereal to capture the packets. but the problem is .. would ethereal capture packets on a layer 2 switch ? or it requires a hub ?

    i know the topic is deviating from one to the other forgive me for that

    regards
    ramzi chekkath

  9. #9
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hmmmm,

    Being the thoroughly evil person that I am I would "arrange" a couple of random powercuts per lesson, because I know that really, really, annoys network gamers

    Seriously,

    http://www.protect-me.com/usb/?refer...s&referer2=cdr

    Software like that could be a help?...........lock the PCs

    Have a quiet word with your principal. AFAIK Counterstrike is not freeware? so he should make it very clear that anyone who installs any unlicenced and unauthorised software will be expelled/suspended/castrated...........the school is at risk of being sued/fined?.........make sure that he is aware that HE is responsible (they always shoot the boss)

    I would also load one of those internet browser control softwares and block them from downloading, certainly compressed and executable files. I presume that you can set up a folder on a server where they could get any legitimate software that you chose to let them have? That would give you control over suitability, make your laptop population more stable and give you a chance to ensure that it was all malware free.

    As phish~ has said the idea is layers. Maybe locking the registry on their machines would be an option?

    By the way you did not mention the OS they are using.........XP home or XP pro?

    You are now engaged in a running battle that you will never win, because you will get a new batch of smarta$$es each academic year.

    Best of luck mate!

  10. #10
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    ramzi: You can sniff the traffic through a switch. Look into ettercap or dsniff.
    You can arp flood the switch and "confuse" the switch turning it into a hub.

    This will allow you to see which machines are playing CS by examining the connections on the machines and report them.

    What kind of network is this? Is this a domain in which the workstations are a member of?
    If so, what type of privledges do you have on the domain and/or laptops?

    You can use pstools from systernals to see what processes are running on remote machines.
    Then you can use pstools to kill the processes you don't want running. (counterstrike)
    This type of thing could be scripted using a batch file.
    You can even reboot or shutdown the offending machines.
    pstools is a nice little suite. I have fun at work now and again with coworkers...

    You can then report the offenders to the principal...
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •