Skip to main content

Would the list like to help me start a shared list of restricted software names and process names? Maybe we can put one together and pass it off to JAMF to manage/update? I'm sure we all have our pet peeve applications. And I am sure there are new ones coming out all the time or ones we may have overlooked. So I suggest bringing our minds together and making a master list with some details so we can pick/skip the ones we need.

Here is the format I suggest:

Software Name: Skype
Process Name: skype <--not sure on this one
Type of Application: Voice over IP software with video and file transfer features.
Risk: File transfer features bypass company firewalls and could allow infected files in to network.
Website: http://skype.com

Rich Barron

Rich

In the past I just installed all of those apps on a machine and took note of what the process was labeled since it is case sensitive. Skype, should be just like that, Skype.

We had restricted skype and if it detected it, it deleted it and sent the user a message saying their computer has been logged for running illegal software.

I am sorry as I never kept or maintained a list.

-Tom

I restrict software by folder and no longer do individual apps. Then I make sure that /Applications is owned by root:admin and do not allow any app to run from any other folder via MCX. With version 7 you should be able to do this with out having a OD Server in place, I think.

This is much easier and then it requires way less management. Then you must authenticate via local admin to install software. MCX settings already do this via OD Servers. I then toss all of my apps that I want my IT staff to use in /Applications/Utilities and set the group policy for students to not allow them to run apps from that folder.

They will not be allowed to run any process outside of the Applications folder and it will require admin rights to install anything in the /Applications folder. So if they try to run a mobile version of Firefox from say a thumb drive they will get denied. There are a few caveats to it, like if you allow applications to open other applications outside that folder it can get tricky. Otherwise, it is way more simple and easy to maintain it that way.


Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
blackberry: 913-449-7589
office: 913-627-0351

That sounds like a good idea. We'll have to give that some thought for the next build.

But in the mean time, I'm still looking for a list of applications/processes you all are using today.

Rich Barron

In the past I just installed all of those apps on a machine and took

note of what the process was labeled since it is case sensitive.

Exactly why I thought we should put a quick list together. It might save us all some time and effort and open our eyes to what others are seeing out there as problems. Being forewarned is being fore armed. Plus it may not look so good to be seen searching for a bunch of 'bad' programs, downloading them and running them. It may even violate some laws (be glad you don't have to deal with SOX in the edu environments).

I talked to JAMF and they said they would be happy to get such a list from us for the same reasons I mentioned above. So if you have any out there or ideas of any maybe I can look into, drop me a note off list.

Thanks!

Rich Barron

"Thomas Larkin" <tlarki at kckps.org> 08/06/2009 12:49 PM

To
<Rich_Barron at vfc.com>
cc
<casper at list.jamfsoftware.com>
Subject
Re: [Casper] List of restricted software?

Rich

In the past I just installed all of those apps on a machine and took note of what the process was labeled since it is case sensitive. Skype, should be just like that, Skype.

We had restricted skype and if it detected it, it deleted it and sent the user a message saying their computer has been logged for running illegal software.

I am sorry as I never kept or maintained a list.

-Tom

Terms & ConditionsCookie settingsAccessibility statement