[Dshield] FAQ Suggestion

Richard Stead richard.stead at bigpond.com
Sun Sep 1 08:04:08 GMT 2002


David,

	Another way to address this is through the platform. For
example, do your users require the writes to install software? By using
a standard operating platform you can lock the OS down and alleviate a
lot of these risks; however, it needs the total support of your
management to enforce it. I find it difficult to understand these days
how companies can justify providing their staff the access rights to
install rogue software that hasn't been tested and is probably not
licensed for the corporate scene.

(two cents worth)

Richard

-----Original Message-----
From: list-admin at dshield.org [mailto:list-admin at dshield.org] On Behalf
Of Jens Knoell
Sent: Sunday, September 01, 2002 1:32 AM
To: list at dshield.org
Subject: Re: [Dshield] FAQ Suggestion

From: "David Sentelle" <David.Sentelle at cnbcbank.com>
> How  can a network administrator insure their clients are not using
loophole software?

>Answer: You can't, unless you totally block connections from your
network to
the internet. As soon as you have _some_ kind of internet access, you
can
use that to tunnel any traffic through it.

>What I'd usually recommend in such cases is: Rethink what your network
is
supposed to do, and what the clients on that net are supposed to do. Do
they
really _all_ need the ability to browse the net? Do they need _any_ net
access at all? If they do, make sure you have someone who does analyze
the
logs for any attempts to violate company policy, and deal harshly with
any
such attempts. Harshly enough so that the rest of the employees know
that
the boundaries are enforced.

Jens

_______________________________________________
Dshield mailing list
Dshield at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list