We too provide NFuse access for select remote users. Is there risk of infection from a user's home PC? We prevent local drive to remote users via Policy.
- Sean On Fri, Oct 24, 2008 at 9:00 AM, Steven Peck <[EMAIL PROTECTED]> wrote: > We're not allowing employees to use their personal systems to access > our resources. This was more in the nature of a public service > announcement to our employees to help them protect themselves. > > We have corporate laptops with VPN, Citrix, OWA, etc for remote access > depending on need and requirements for access. > > We're not crazy. > > Steven > > On Thu, Oct 23, 2008 at 6:58 PM, Durf <[EMAIL PROTECTED]> wrote: > > If I had my way at a large enterprise, I'd only be allowing access via > RDP > > or ICA through SSL VPNs, preferably with two-factor RSA authentication. > > > > Ideally from thin clients. I'd happily send them home to employees > > preconfigured. > > > > -- Durf > > > > On Thu, Oct 23, 2008 at 9:00 PM, Steven Peck <[EMAIL PROTECTED]> wrote: > >> > >> I mentioned to our security team, that tomorrow, we should do an > >> announcement encouraging our users to update their home systems. So > >> they understand how serious this sort of issue is. We can use this as > >> a positive opportunity to maybe, just maybe help prevent them from > >> getting something infected on their system. They thought it was an > >> excellent idea. > >> > >> Steven > >> > >> On Thu, Oct 23, 2008 at 5:52 PM, Durf <[EMAIL PROTECTED]> wrote: > >> > Exactly. Think of all the poor suckers who install Antivirus XP 2009 > >> > without a care in the world. > >> > > >> > As soon as that sucker incorporates this exploit, things will get > >> > hopping. > >> > > >> > -- Durf > >> > > >> > On Thu, Oct 23, 2008 at 8:49 PM, Carl Houseman <[EMAIL PROTECTED]> > >> > wrote: > >> >> > >> >> All it takes is a hacked website serving up an .exe to a browser user > >> >> who > >> >> happily runs it. > >> >> > >> >> > >> >> > >> >> Carl > >> >> > >> >> > >> >> > >> >> From: Michael B. Smith [mailto:[EMAIL PROTECTED] > >> >> Sent: Thursday, October 23, 2008 7:22 PM > >> >> To: NT System Admin Issues > >> >> Subject: RE: Out of Cycle Critical Windows Patch to be released > today, > >> >> stay tuned > >> >> > >> >> > >> >> > >> >> All it takes is one VPN'ed computer that is infected to compromise > the > >> >> enterprise. > >> >> > >> >> > >> >> > >> >> Regards, > >> >> > >> >> > >> >> > >> >> Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP > >> >> > >> >> My blog: > >> >> http://TheEssentialExchange.com/blogs/michael<http://theessentialexchange.com/blogs/michael> > >> >> > >> >> Link with me at: http://www.linkedin.com/in/theessentialexchange > >> >> > >> >> > >> >> > >> >> From: Ken Schaefer [mailto:[EMAIL PROTECTED] > >> >> Sent: Thursday, October 23, 2008 7:17 PM > >> >> To: NT System Admin Issues > >> >> Subject: RE: Out of Cycle Critical Windows Patch to be released > today, > >> >> stay tuned > >> >> > >> >> > >> >> > >> >> I think having firewall enabled by default on Windows XP SP2+ and > >> >> Windows > >> >> Vista will help mitigate the issue in consumer land. > >> >> > >> >> > >> >> > >> >> Some of the orgs I work in now use router ACLs or FW rules to block > RPC > >> >> traffic across subnets/VLANs. That will help mitigate the issue as > well > >> >> > >> >> Cheers > >> >> > >> >> Ken > >> >> > >> >> > >> >> > >> >> From: Kennedy, Jim [mailto:[EMAIL PROTECTED] > >> >> Sent: Friday, 24 October 2008 8:42 AM > >> >> To: NT System Admin Issues > >> >> Subject: RE: Out of Cycle Critical Windows Patch to be released > today, > >> >> stay tuned > >> >> > >> >> > >> >> > >> >> Prior to me being here this district ignored Code Red. They got > nailed > >> >> bad > >> >> and had to shut down for a week and go re-image 3000 computers. Feel > >> >> free to > >> >> quote me on that if you need to J > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> From: Ziots, Edward [mailto:[EMAIL PROTECTED] > >> >> Sent: Thursday, October 23, 2008 5:28 PM > >> >> To: NT System Admin Issues > >> >> Subject: RE: Out of Cycle Critical Windows Patch to be released > today, > >> >> stay tuned > >> >> > >> >> > >> >> > >> >> I work at a hospital too, and this situation is a ohh well take NO > for > >> >> an > >> >> answer, I have ran it all the way to the top here, and said its > getting > >> >> done, I don't care about the downtime its better to swallow the pill > >> >> now > >> >> then clean up the mess laters. > >> >> > >> >> > >> >> > >> >> I also come in early in mornings ( Like 3:00am or earlier to patch my > >> >> systems each month) > >> >> > >> >> > >> >> > >> >> So I feel your pain. > >> >> > >> >> > >> >> > >> >> Z > >> >> > >> >> > >> >> > >> >> Edward E. Ziots > >> >> > >> >> Network Engineer > >> >> > >> >> Lifespan Organization > >> >> > >> >> MCSE,MCSA,MCP,Security+,Network+,CCA > >> >> > >> >> Phone: 401-639-3505 > >> >> > >> >> ________________________________ > >> >> > >> >> From: Chinnery, Paul [mailto:[EMAIL PROTECTED] > >> >> Sent: Thursday, October 23, 2008 5:26 PM > >> >> To: NT System Admin Issues > >> >> Subject: RE: Out of Cycle Critical Windows Patch to be released > today, > >> >> stay tuned > >> >> > >> >> > >> >> > >> >> Must be nice. I work in a hospital so all of the clinical pc's are > >> >> always > >> >> on. The only thing we could do was to set up the reboot for 3:30 AM > >> >> (same > >> >> time as when I or my buddy have to do a real early shift to install > >> >> patches > >> >> and reboot servers.) > >> >> > >> >> > >> >> > >> >> ________________________________ > >> >> > >> >> From: Tim Vander Kooi [mailto:[EMAIL PROTECTED] > >> >> Sent: Thursday, October 23, 2008 11:16 AM > >> >> To: NT System Admin Issues > >> >> Subject: RE: Out of Cycle Critical Windows Patch to be released > today, > >> >> stay tuned > >> >> > >> >> And it does require a reboot after install. I hate when out of cycle > >> >> patches require reboots. I prefer when my users don't know. > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> From: Ziots, Edward [mailto:[EMAIL PROTECTED] > >> >> Sent: Thursday, October 23, 2008 6:28 AM > >> >> To: NT System Admin Issues > >> >> Subject: Out of Cycle Critical Windows Patch to be released today, > stay > >> >> tuned > >> >> Importance: High > >> >> > >> >> > >> >> > >> >> Heads up gang, more patching for this month, this one out of cycle > and > >> >> critical no additional information yet. > >> >> > >> >> Z > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> > > >> > > >> > -- > >> > -------------- > >> > Give a man a fish, and he'll eat for a day. > >> > Give a fish a man, and he'll eat for weeks! > >> > > >> > > >> > > >> > > >> > >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > > > > > -- > > -------------- > > Give a man a fish, and he'll eat for a day. > > Give a fish a man, and he'll eat for weeks! > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
