With the help of the access options you can intercept system-critical key combinations, block access to CD-ROM drives and, in particular, adjust browser-related access settings.
Security Settings
Block system critical key combinations
If you check this box, the button Settings is accessible for customizing the list of blocked key combinations. The most well-known key combination you can intercept by means of this function is CTRL-ALT-DEL. However, you might also want to block other key combinations when using a regular keyboard.
Please ensure that if you use a USB keyboard, that it is Microsoft compatible. Unless the keyboard is Microsoft compatible, intercepting key combinations will not work. A regular PS2 keyboard will work fine. Also don't forget to reboot the system after you installed the software for the first time.
Settings:
- Suppressed Key Combinations
In this option you can block certain key combinations or all key combinations from a predefined key combination list.
- User-defined combinations
Use this option to define up to three user-defined key combinations that have to be blocked.
Activate lock for CD-ROM drives
Blocking access to the CD-ROM door makes sense if you want to protect CDs from theft or safeguard the drive itself against damage (e.g. caused by chewing gum). Once this option is on, the CD-ROM drive can no longer be opened by pressing the button on the drive as long as SiteKiosk is running. You might have to reboot your computer normally (ie without SiteKiosk) in order to be able to open your drive again.
Lock workstation when removable disk is attached
As long as the ports of your computer remain accessible to the users of your terminals, your users might take advantage of this fact by inserting removable storage drives such as USB memory sticks, or ZIP drives. In doing so, they open up a security gap in SiteKiosk because they will be able to launch any tool or program that is stored on these media.
Enabling this option ensures that your workstation will be locked as soon as a removable storage drive is attached to or inserted into any of your machine's ports. The user will be notified about the lockup by a pop-up box. Please note that this rule does not apply to internal floppy drives.
Encrypt configuration
The SiteKiosk configuration can be encrypted using the Advanced Encryption Standard (AES). This is usually not required because the default security settings of SiteKiosk and the restricted SiteKiosk Windows user are sufficient. The encryption is using the SiteKiosk license key, a valid key is therefore required. Encrypted configuration files are only readable on computers where the same license key is available.
Browser Security
Default
If you click on "Default," the options on this page will be set back to the default settings.
Content Advisor
SiteKiosk will generally adopt the settings of the Internet Explorer. The button will load a settings dialog box that deals with topics like Security/Privacy/Content/Connection etc. For further information please consult the IE's Help menu.
Allow Java & VB Scripts
Permits the execution of scripting languages. We recommend turning this option on due to the wide use of these scripts on web-sites.
Load new ActiveX controls
CAUTION:
Do not turn this option on because automatic dialer programs, viruses, or hacker tools might be installed on your computer. If your web page makes use of an ActiveX control (e.g. in connection with a banking application), load it in the regular Internet Explorer. This will allow the control to be installed on your computer. After this, you can also use the control under SiteKiosk. You might have to check the box always trust... when downloading the ActiveX control to prevent it from being run only once.
Allow Java applets
Java Applets are independent programs. Quite a few web sites offer Java games or Java chats.
CAUTION:
If you use the Payment Module you might want to deactivate JAVA. In many cases the coding of these programs is incorrect. This may prevent SiteKiosk from closing after the surfing time is up. If this happens, non-paying surfers can continue chatting or playing even though the credit has been used up.
Java applet does not work in SiteKiosk?
To avoid problems with Java applets you should always use the latest version of the Java Runtime Environment. Get the most current version at http://www.java.com/.
Before installing the current version uninstall previous versions to make sure you get a clean install. Additionally open your Internet Explorer and clear the cache manually (Note: this is user specific and should at least be done for the user you want to run SiteKiosk with).
Please note that it can lead to problems when the Microsoft Java VM (Virtual Machine) and the current Sun Java Runtime is installed. The Microsoft VM can mostly be found under older Windows versions (including early versions of XP). You can find out if it is installed on your machine by checking Internet Explorer -> Tools -> Internet Options -> Advanced. The Microsoft VM has its own segment when installed. The Microsoft VM can not be easily uninstalled using the control panel, therefore Microsoft provided a small tool (use at your own risk) for this purpose. You can download it
here.
Use ActiveX Controls
You should allow the execution of ActiveX controls that have already been installed on the computer. Should a web site require an ActiveX control that has not been installed on the computer yet, this control will neither be installed nor executed if "Load new ActiveX controls" is turned off. We do not recommend turning this option on. Please refer to our note #4 above, "Load new ActiveX controls."
No script error messages
This option should stay turned on to prevent script errors displayed on pages. Although no dialog box will appear, possible script errors will be displayed in SiteReport.
Block insecure ActiveX controls
There are ActiveX controls that might allow the user to access hard-drive files or manipulate your system. Whenever the activation of an insecure ActiveX control has been prevented, the browser will display the following notification:
Insecure component has been removed by SiteKiosk
In addition, SiteKiosk will add a notification log entry to the log files.
Turning off the checkbox will not allow all unsecure controls. SiteKiosk still blocks some controls that we consider extremely dangerous, to allow them expert users might edit the file UnsafeActiveXCtrls.xml located in the XML subdirectory of SiteKiosk and delete or add (if you want to permanently block additional controls) some control CLSIDs.
For example, the following entry will prevent the VBScript printer controls from being displayed.
<control clsid='8856F961-340A-11D0-A96B-00C04FD705A2'/>
<!-- WebBrowser -->
|
Disable Windows accessibility features
Win2K/XP provide accessibility options specially designed for handicapped people. These options can create problems for Internet terminals. To determine if this option is available on your terminal press the key combination ALT (left side of keyboard), Shift (left side of keyboard) and PRINT. If your display settings have changed, you can undo the change by pressing the same key combination again.
In order to prevent your users from being able to call similar functions, you should leave this option turned on.
Run SiteKiosk with lower privileges
Applies to Win2000/XP (under Vista/7 this is automatically enabled to meet Vista/7 requirements and therefore not shown).
Activating this check box will restrict the user rights of the SiteKiosk process to increase security. This does not apply to the already restricted SiteKiosk user, but any other Windows user the SiteKiosk process is started under. Note that this does not generally strip the Windows user of some of its rights but it affects only the SiteKiosk process started under Windows and processes started by it. For example even an administrator user needs to authenticate again if trying to open an application that explicitely needs administrator rights, e.g. the SiteKiosk configuration when started from the Escape Menu.
CAUTION:
Make sure the necessary file access is available when activating this security restriction, especially when using external applications and adding folders to the file manager of SiteKiosk.
Block HTTP post file uploads
This option prevents users from uploading files from local computers by means of Web forms. For instance, webmail services such as Hotmail or Yahoo mail provide these forms on their servers to allow their users to attach files to their messages. Since users should generally not be allowed to access files stored on your terminal, you should turn off this option only when you run SiteKiosk under the restricted SiteKiosk user. By default the dialogs associated with this feature are only allowed for that user.
URLs with Script Permission
Notes and tips:
- Do not turn on the option "Load new ActiveX controls."
- The settings for downloads and the saving of files can be adjusted under "Windows & Dialogs".
- Since Java applets are independent programs, SiteKiosk's control of them is limited if not non-existent.
Volver arriba
Inicio Ayuda