Interlopers.net - Half-Life 2 News & Tutorials

[8chaos]

hey i just recently added 2 more computers to my home network, when ever i have partys my users abuse my computers, and my internet.. my isp sent me letters about someone in my household is illegally downloading software and music.. what i want to do is setup something were when someone goes to access the internet, were they will have to read a agreement that they will not download anything that will harm my good standing with my isp, or my computers them selves.. i had to reinstall windows almost 50 times on 3 of the most used computers.. no matter how hard i try windows keeps epically failing me............

i want my users to have to enter a capita to get restricted access, or a master password to gain full access only for my trusted users, i alrighty have my computers locked down with local policies were they cant install any kind of software.. my firewall blocks frostwire, and most other p2p programs, i have keyloggers that reports everything they do, and sends alerts to my main computer about any changes being attempted on my computers, also my wifi is locked down but when i do give out the password i want that agreement to pop on mobile device browsers as well..

Another problem is live cds, this one program injects user accounts into the windows registry i can go into the bios and disable usb booting and cd booting, but i became aware of a exploit that right before windows boots someone somehow tricks it to boot straight onto a usb drive, i've seen damn small linux running on one of my computers and it had me baffled, also the ultimate boot cd for windows i seen running aswell.. thanks

[Terr]

It sounds more like you live in a place with tons of people you don't--and cannot--trust. I don't see how some little contract is supposed to help anything here. It's possible that it may not shield you from infringement claims coming in through your ISP unless you're also willing to spend money on a lawyer.

No offense, but is this like a party-house at a college or something where there are tons of people nobody really knows wandering around asking if they could "just check their e-mail"?

[Major Banter]

I'd lock all the computers down with a child block. No downloads, no porn, no nothing. Admin gets full access only. Easy enough.

In fact, I don't think you even get youtube with that.

Though I don't see why you don't just remove the power cables or password them until they learn to respect the internet service agreement.

[Terr]

• Set up each machine (I assume Windows XP/Vista/7) with an administrator-level user which only you know.
• Set up non-administrator accounts for other people who live there and who may need things like a place to store their documents. You personally sit down with these people and explain the issues.

Those first two points are good in pretty much any environment. Even on single-person computers I encourage people to not run their day-to-day activities as administrator.

• Perhaps Set up a "guest" account for random people who "just need to check their e-mail". You can schedule something so that every night at 4AM (unless the computer is in-use) the Guest data is all wiped so they can't leave junk behind. This account
• The computer needs a BIOS setup password which only you know.
• The computer needs to be set to boot from the hard drive FIRST, and no the CD or USB.
• There needs to be a punishment for anyone found tampering. Like being totally blacklisted from all future parties and having their photo posted on a wall of shame.

But since physical access is present (and you're not locking the computers away in a room) ultimately it's a problem with who gets invited and how trustworthy they are to be good people.

[8chaos]

some of the people who come by are very tech smart, i have 3 years of technology school under windows and linux, and my knowledge just isnt as good as i thought, i tryed to use linux as the default os, but people complain i cant use this!! wtf, then others just plain sabotage the os, btw i used ubuntu, then slax and both failed.

the problem with guest accounts is if the main os aint loaded and a live cd boots they can modify the registry and set the guest account to an administrator account and i cant log the program name so i have no idea what the program is called i herd of a program called password renew pro but it can only inject user accounts which still is a problem .

see at my house its pretty much bring money, weed, byob and you can use the computers, but in this town people get pissed when shits blocked and locked out so they try to break shit

im trying to set up a terminal server and just have everyone use the remote sessions, but i herd of some serious security exploits, i dont want my file server to get trashed, the file server is the most powerful computer i have and would prolly be the only one that can support 10 -15 remote sessions concurrently

[coder0xff]

Set the bios to only boot to hard disk. Set a bios password. Use your routers fire wall (most have them these days) to block traffic on ports for things like torrents, lime wire, etc. Set a password on your routers config so they cannot change it. Enable encryption or your network if you have a wireless router. Enable the guest account in windows. Install a program called Deep Freeze or some variant. It puts a special driver on the hard drive so that no matter what changes are made to the computer or hard drive, it will all be reverted when the computer is rebooted. You could also set up a boot up bios password so that they can only get on the computer with your help, and you can log who is on at what time and have them sign so they are accountable. Make sure they understand that they must shut the computer down when they are done, and not to allow others on lest they be held responsible for the others actions.

[nub]

I'm not very smart about all of this, but Coder's ideas sound like your best option.

Try every technical option that the other users here have listed, and beef up your security, and:

There needs to be a punishment for anyone found tampering. Like being totally blacklisted from all future parties and having their photo posted on a wall of shame.

This is a great idea in my opinion. If it's feasible, you should definitely go for it. Otherwise I would suggest you inform everyone that whatever computer is tampered with, will be removed permanently until further notice. Put notes at each computer stressing the issues and what the consequences will be.