Webster, I just called the vendor (paragon MLS), and they told me that thier website (requires activeX) and thus requries a bunch of active X controllers to be isntalled, and updated. So the machine needs admin access for i.e. to do this, I asked if any whitepapers on what needs to be added to a whitelist, but he say they don't have one. SO I not sure what would you suggest to allow them to fully use that websitem, but still lock down Internet exlporer. http://www.fnismls.com/products/paragon.htm is the company.
On Thu, Apr 15, 2010 at 6:28 PM, Webster <[email protected]> wrote: > For Terminal Servers or Citrix servers, websites don’t run as admins, > users run as admins. Actually, users should, in theory, NEVER run as an > admin on these types of servers. I wrote an article on how to do a basic > Terminal Server/Citrix Server lockdown group policy. You can find it at > http://www.dabcc.com/Webster . Every environment is different but my > article should give you a good starting off point to either create a GPO or > to compare your current GPO against. > > > > > > Webster > > > > *From:* justino garcia [mailto:[email protected]] > *Subject:* Re: how to clean (malware) from a rooted terminal server? > > > > OH now they want proof before rebulding that it has malware (more over a > rootkit), so that if it does then we do rebulid. > > > > Also how would I setup GPO policy or a policy were one website paragon > should be the only website to run in administrator mode. > > On Thu, Apr 15, 2010 at 5:58 PM, justino garcia <[email protected]> > wrote: > > Thanks people, I hope this suggestion are heard, issue is they have avast > until feb 2012, but let see. > > Also can I have my policy master server For viper (which I have customer > on, but with enterprise 4.0), also have both a mix of enterprise 4.0 > and premium 4.0??? > > On Thu, Apr 15, 2010 at 5:51 PM, Sherry Abercrombie <[email protected]> > wrote: > > And then lock it down tighter. A user had to have downloaded something > that caused this. We do not allow that on our Citrix servers. > > On Thu, Apr 15, 2010 at 4:47 PM, Ben Scott <[email protected]> wrote: > > On Thu, Apr 15, 2010 at 5:39 PM, justino garcia <[email protected]> > wrote: > > > how to clean a rooted terminal server? > > Boot from trusted media, copy off anything you want to save. Then > > erase all hard disks, and reinstall the operating system and all > software from scratch. > > Once an attacker has gained system privilege on your computer, it's > not your computer anymore. > > > > > > -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
