Crazy END USER Keeps blowing up my system!

[jONNYSMOOF]

I have an end user who is out of his mind. He is brilliant at his job but when it comes to his computer......NOT SO BRILLIANT. He is convinced that some one from his old job is hacking into his computer and changing his files. This is not the case. Fact of the matter is he is looking for ways to delete files and change settings that he believes are security vendibility. He is way off base but because of how much he produces monetarily for the company, I have to humor him.

THIS IS WHAT I HAVE DONE;

I set him as a User

Then I used Access Manager (http://www.softstack.com/accmen.html) to protect the rest of the system

But he is still some how deleting files. I would like to secure the boot process so that he cannot go into safe mode or any other mode that bypasses the standard startup.

HELP!

[boooggy]

u can use this program which is called deep freeze.

information here: info

and download here: download

[DigeratiPrime]

Is this Windows XP? Use Limited User Accounts. Make sure the Administrator account has a complex password.

Hmm, hacking into the computer... Definetly paranoid, not my business though.

Setup a firewall. If you need a free one I reccomend ZoneAlarm.

You dont need DeepFreeze; can you set a BIOS password? To keep users from rebooting the machine?

Edited May 25, 2005 by DigeratiPrime

[jONNYSMOOF]

Bios is very limited the former controller bought a POS (piece of ShI*) DELL.

I want to limit what he can do befor he gets to the windows boot up!

[dman]

You would be better off showing him what firewall does and how to monitor it so he can prove to himself there is noone in his files. I know this type, and if you don't set him straight soon he will be opening the case or reformatting the drive or some other irrational act.

[[deXter]]

First of all, if you have any drive in the computer (floppy/cd), then you can say goodbye to XP's security. Its only WAY too easy to gain admin rights..plus you could delete stuff directly off the disks too without even needing an os.

Even if you put in a BIOS password, it can easily be cracked by yet another program, like CMOSPWD (that dont even require a bootdisk).

You dont need to be a rocket scientist to do all that.

So its better that you dont do any of these so called 'restrictatory' measures as theres always a way to get past them. Rather you install some normal security software like ZoneAlarm and probably some privacy and encryption software (maybe PGP) and then have a 1-1 talk with him. Explain to him about the software and convince him that he is secure and theres no need to go paranoid.. All in his best interests.. etc

[Saraband]

[boooggy]

@Saraband

very funny!!!!

[jONNYSMOOF]

thanks for all the good advice. You guys out ther are grate!

[Treeman]

Just give him a live CD version of Knoppix (Linux) It only boots from the CD without touching the hard drive. It has all the software he'd need to do stuff both online and off, without the fear of being hacked.

The different free & paid for distros can be found here;

Knoppix

This works best if used while wearing an aluminum hat!

Best,

Treeman