We're not allowing employees to use their personal systems to access our resources. This was more in the nature of a public service announcement to our employees to help them protect themselves.
We have corporate laptops with VPN, Citrix, OWA, etc for remote access depending on need and requirements for access. We're not crazy. Steven On Thu, Oct 23, 2008 at 6:58 PM, Durf <[EMAIL PROTECTED]> wrote: > If I had my way at a large enterprise, I'd only be allowing access via RDP > or ICA through SSL VPNs, preferably with two-factor RSA authentication. > > Ideally from thin clients. I'd happily send them home to employees > preconfigured. > > -- Durf > > On Thu, Oct 23, 2008 at 9:00 PM, Steven Peck <[EMAIL PROTECTED]> wrote: >> >> I mentioned to our security team, that tomorrow, we should do an >> announcement encouraging our users to update their home systems. So >> they understand how serious this sort of issue is. We can use this as >> a positive opportunity to maybe, just maybe help prevent them from >> getting something infected on their system. They thought it was an >> excellent idea. >> >> Steven >> >> On Thu, Oct 23, 2008 at 5:52 PM, Durf <[EMAIL PROTECTED]> wrote: >> > Exactly. Think of all the poor suckers who install Antivirus XP 2009 >> > without a care in the world. >> > >> > As soon as that sucker incorporates this exploit, things will get >> > hopping. >> > >> > -- Durf >> > >> > On Thu, Oct 23, 2008 at 8:49 PM, Carl Houseman <[EMAIL PROTECTED]> >> > wrote: >> >> >> >> All it takes is a hacked website serving up an .exe to a browser user >> >> who >> >> happily runs it. >> >> >> >> >> >> >> >> Carl >> >> >> >> >> >> >> >> From: Michael B. Smith [mailto:[EMAIL PROTECTED] >> >> Sent: Thursday, October 23, 2008 7:22 PM >> >> To: NT System Admin Issues >> >> Subject: RE: Out of Cycle Critical Windows Patch to be released today, >> >> stay tuned >> >> >> >> >> >> >> >> All it takes is one VPN'ed computer that is infected to compromise the >> >> enterprise. >> >> >> >> >> >> >> >> Regards, >> >> >> >> >> >> >> >> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP >> >> >> >> My blog: http://TheEssentialExchange.com/blogs/michael >> >> >> >> Link with me at: http://www.linkedin.com/in/theessentialexchange >> >> >> >> >> >> >> >> From: Ken Schaefer [mailto:[EMAIL PROTECTED] >> >> Sent: Thursday, October 23, 2008 7:17 PM >> >> To: NT System Admin Issues >> >> Subject: RE: Out of Cycle Critical Windows Patch to be released today, >> >> stay tuned >> >> >> >> >> >> >> >> I think having firewall enabled by default on Windows XP SP2+ and >> >> Windows >> >> Vista will help mitigate the issue in consumer land. >> >> >> >> >> >> >> >> Some of the orgs I work in now use router ACLs or FW rules to block RPC >> >> traffic across subnets/VLANs. That will help mitigate the issue as well >> >> >> >> Cheers >> >> >> >> Ken >> >> >> >> >> >> >> >> From: Kennedy, Jim [mailto:[EMAIL PROTECTED] >> >> Sent: Friday, 24 October 2008 8:42 AM >> >> To: NT System Admin Issues >> >> Subject: RE: Out of Cycle Critical Windows Patch to be released today, >> >> stay tuned >> >> >> >> >> >> >> >> Prior to me being here this district ignored Code Red. They got nailed >> >> bad >> >> and had to shut down for a week and go re-image 3000 computers. Feel >> >> free to >> >> quote me on that if you need to J >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> From: Ziots, Edward [mailto:[EMAIL PROTECTED] >> >> Sent: Thursday, October 23, 2008 5:28 PM >> >> To: NT System Admin Issues >> >> Subject: RE: Out of Cycle Critical Windows Patch to be released today, >> >> stay tuned >> >> >> >> >> >> >> >> I work at a hospital too, and this situation is a ohh well take NO for >> >> an >> >> answer, I have ran it all the way to the top here, and said its getting >> >> done, I don't care about the downtime its better to swallow the pill >> >> now >> >> then clean up the mess laters. >> >> >> >> >> >> >> >> I also come in early in mornings ( Like 3:00am or earlier to patch my >> >> systems each month) >> >> >> >> >> >> >> >> So I feel your pain. >> >> >> >> >> >> >> >> Z >> >> >> >> >> >> >> >> Edward E. Ziots >> >> >> >> Network Engineer >> >> >> >> Lifespan Organization >> >> >> >> MCSE,MCSA,MCP,Security+,Network+,CCA >> >> >> >> Phone: 401-639-3505 >> >> >> >> ________________________________ >> >> >> >> From: Chinnery, Paul [mailto:[EMAIL PROTECTED] >> >> Sent: Thursday, October 23, 2008 5:26 PM >> >> To: NT System Admin Issues >> >> Subject: RE: Out of Cycle Critical Windows Patch to be released today, >> >> stay tuned >> >> >> >> >> >> >> >> Must be nice. I work in a hospital so all of the clinical pc's are >> >> always >> >> on. The only thing we could do was to set up the reboot for 3:30 AM >> >> (same >> >> time as when I or my buddy have to do a real early shift to install >> >> patches >> >> and reboot servers.) >> >> >> >> >> >> >> >> ________________________________ >> >> >> >> From: Tim Vander Kooi [mailto:[EMAIL PROTECTED] >> >> Sent: Thursday, October 23, 2008 11:16 AM >> >> To: NT System Admin Issues >> >> Subject: RE: Out of Cycle Critical Windows Patch to be released today, >> >> stay tuned >> >> >> >> And it does require a reboot after install. I hate when out of cycle >> >> patches require reboots. I prefer when my users don't know. >> >> >> >> >> >> >> >> >> >> >> >> From: Ziots, Edward [mailto:[EMAIL PROTECTED] >> >> Sent: Thursday, October 23, 2008 6:28 AM >> >> To: NT System Admin Issues >> >> Subject: Out of Cycle Critical Windows Patch to be released today, stay >> >> tuned >> >> Importance: High >> >> >> >> >> >> >> >> Heads up gang, more patching for this month, this one out of cycle and >> >> critical no additional information yet. >> >> >> >> Z >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> > >> > >> > -- >> > -------------- >> > Give a man a fish, and he'll eat for a day. >> > Give a fish a man, and he'll eat for weeks! >> > >> > >> > >> > >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > -- > -------------- > Give a man a fish, and he'll eat for a day. > Give a fish a man, and he'll eat for weeks! > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
