[Dshield] General security question
keithtarrant at spamcop.net
Sun Nov 24 14:50:39 GMT 2002
Don't give them write access to anything on any of your servers or
clients. Have them use their own computers.
----- Original Message -----
From: "Vince Flammia" <vflammia at shoppersdrugmart.ca>
To: <list at dshield.org>
Sent: Friday, November 22, 2002 1:35 PM
Subject: [Dshield] General security question
> I have found people who work for associate companies (i.e. auditors)
> connect to our internal network.
> They are served a valid dhcp address which then allows them to access
> the Internet via a valid proxy server.
> They are then using a piece of software which uses SSL to connect to an
> outside SSL server (similar to a clientless VPN). They are then able to
> transfer files to their machines into our network.
> This does not seem very secure to me but "the business" allows our
> auditors to connect to our network and we do allow our internal users
> http access o the Internet. Since this traffic is all valid, according
> to our network structure (proxy, firewalls, etc), and because the
> traffic is SSL I cannot see what is really happening. Can I take any
> further steps to protect our internal network?
More information about the list