2

My home country trying to crack down on corruption in government job examination cheating. However, some party was able to bribe the lab that conducted the exam and put remote access software into the computer, such as TeamViewer to allow a third party to "help" designated candidates.

In my opinion, it is not possible for the government to check each computer deploying the cheating software. This is unfair as students who pay the bribes are able to get a job by passing the exam by cheating with flying colors, while the poor students who work hard for two to three years are left without a job.

I met a local police officer who told me that the country is making every effort to stop it but are not able to succeed.

Is it possible to block some port from lab local router? Or it is possible to blacklist all traffic except the examiner server connection? In one lab there are 200 or 250 computers. Or is there a way to stop those remote access software or prevent installation?

schroeder
  • 123,438
  • 55
  • 284
  • 319
Praveen Yadav
  • 331
  • 2
  • 10
  • Honestly, I almost flag this question as scope too broad and obsolete. E.g. properly configure network boot, VM boot image,etc can prevent unauthorized software installation. IMHO, those hightech cheating will go beyond the PC but switch to electronic gadgets. – mootmoot Sep 06 '18 at 15:27

2 Answers2

2

This type of thing is solved by configuring a firewall to block the connections. But the lab runs the firewalls. So, there would have to be government-managed firewalls for this solution to have any integrity.

The same problem applies to trying to prevent installations. Whoever can physically touch the machines, owns the machines. The government would have to run these labs.

The one thing that could be done is to work with ISPs to monitor and report on these labs when there is unauthorised traffic. This would invalidate the lab and the exam results, but the students who paid for the exam might end up losing their fees.

schroeder
  • 123,438
  • 55
  • 284
  • 319
1

some party was able to bribe the lab that conducted the exam and put remote access software into the computer

This is the core of your problem. When someone has physical access or control of device, it is difficult to prevent them from doing unintended things with it.

You don't give much detail on the lab or the testing process, however...

Is it possible to block some port from lab local router? Or it is possible to blacklist all traffic except the examiner server connection? In one lab there are 200 or 250 computers. Or is there a way to stop those remote access software or prevent installation?

...you go on to ask these questions which makes it seem that it is only individual staff at the site that is the problem, but the "lab" itself may be operated/controlled by the government.

If you control the network, you certainly can limit or deny access to or from the lab computers. This just takes proper consideration and planning. Keep in mind that there are many ways to circumvent restrictions, so it is best to give minimum access only to essential resources.

As for preventing installation of software, that would depend on the operating system, but most operating systems have multiple means of limiting user access. Permissions, user rights, and/or policies can be implemented to help prevent things like software installation or access to portable media (i.e. USB flash drives, etc).

Outside the operating system, I have seen products such as Deep Freeze used to great effect in university computer labs for similar reasons. Any changes following the point at which the computer image is frozen will be removed following a simple reboot. It is often common practice in such teaching labs that the computers must be completely powered down before a test to remove any changes.

I have also seen several different classroom monitoring applications that allow an instructor (or third party outside the classroom) the ability to monitor what is taking place on computers in a lab from a central computer/location. This may be as simple as viewing what is taking place on the screens to things like reports on application in use (both in foreground and background).

There are many options out there, which ones and exactly how to implement would require knowledge of your environment, knowledge of your needs, and how many resources you have available (i.e. money, staff, etc).

YLearn
  • 3,967
  • 1
  • 17
  • 34