[Dshield] General security question

keithtarrant@spamcop.net keithtarrant at spamcop.net
Sun Nov 24 14:50:39 GMT 2002


Don't give them write access to anything on any of your servers or
clients.  Have them use their own computers.

----- Original Message -----
From: "Vince Flammia" <vflammia at shoppersdrugmart.ca>
To: <list at dshield.org>
Sent: Friday, November 22, 2002 1:35 PM
Subject: [Dshield] General security question


>
>
> I have found people who work for associate companies (i.e. auditors)
> connect to our internal network.
> They are served a valid dhcp address which then allows them to access
> the Internet via a valid proxy server.
> They are then using a piece of software which uses SSL to connect to an
> outside SSL server (similar to a clientless VPN). They are then able to
> transfer files to their machines into our network.
>
> This does not seem very secure to me but "the business" allows our
> auditors to connect to our network and we do allow our internal users
> http access o the Internet. Since this traffic is all valid, according
> to our network structure (proxy, firewalls, etc), and because the
> traffic is SSL I cannot see what is really happening. Can I take any
> further steps to protect our internal network?
>
>





More information about the list mailing list