Microsoft SteadyState - white listing web pages

[Nocturnal]

Anyone familiar with SteadyState?

I am trying to implement it here at work for an online banking PC. Basically I have it set to white list 4 sites that our acct. dept use for online banking. It is a stand alone PC which is separated from the rest of our network. Also it is locked down so that users cannot install any programs or make any changes to the system.

The problem I'm encountering is that after white listing the web pages there are two sites that appear to have external content that is being blocked since it is not on the white list.

Also I'm running into SSL cert problems telling me that it's expired. As soon as I disable the white listing feature for SteadyState it works again as it should.

Does anyone have any recommendations or suggestions? I'm guessing I could somehow figure out what external content is being displayed... any suggestions on how to figure that out?

Thanks!

Yes, my next suggestion to my team will be to possibly implement a live Linux boot CD that has been recommended by many security professionals.

 

[RadiclDreamer]

How about putting a hosts file in for the 4 urls and then removing dns and disallowing adding it back. Sure they can drop to a command prompt and nslookup site.com 4.2.2.2 and get the ip for a site, but thats not super likely.

 

[Nocturnal]

I got some info regarding a setting on the Microsoft board so I'm going to give that a try otherwise I will keep what you said in mind. Thank you.

 

[LOFBenson]

Set up the whitelist at the firewall not on the pc. It's easier and probably safer that way anyways. There's dozens of ways to do it in software... but none of them are really perfect. Either way you should be able to check the firewall logs to figure out what extra access you need to allow once you use it in unlocked mode.

 

[Zstream]

I would use k9 web protection or something a little easier to setup