[Dshield] My graphics guy sent me the following message this morning... I'd love to hear comments/thoughts/advice:

Micheal Patterson micheal at tsgincorporated.com
Tue Feb 3 15:40:53 GMT 2004

----- Original Message ----- 
From: "Louis Hablas" <Lou.Hablas at rzim.org>
To: "Dshield (E-mail)" <list at dshield.org>
Sent: Tuesday, February 03, 2004 9:03 AM
Subject: [Dshield] My graphics guy sent me the following message
this morning... I'd love to hear comments/thoughts/advice:

> Part of me wants to strangle him; the rational part of me wants to find a
> more peaceful solution.  FYI, we're using Trend Micro ScanMail, Server
> Protect, and OfficeScan.  We've got ISA Server on our border.  I'm hoping
> hearing about other solutions, policy suggestions, etc.  Thanks in advance
> for input!!  /Lou
> <snip>
> I understand the need for a safe computer network and I appreciate all you
> do to maintain ours. I know you devote much of your time to this purpose.
> However, it has become increasingly difficult to send and receive data.
> Since most data that I receive is either .jpg or .html documents, that has
> been very frustrating both for the sender and the recipient. I am
> trying to keep the folks I deal with aware of not sending documents with
> those formats. Knowing the challenges you face, I have a few possible
> suggestions for alternative ways we can have a secure system while I can
> still be able to send and receive graphic files?
> Can we place a dedicated graphics address on my MAC and internet access on
> the other side of the firewall? Treat me like an outside source that
> doesn't have access to the intranet except through the firewall and
> you have installed.
> Or can we create a list of approved email sources that are considered
> trustworthy, virus free, and that will have the privilege of sending
> documents with the formats that are currently blocked.
> Or is it possible to create a macro that will scan quarantined documents
> for infection and once it has been determined that the documents are safe they
> are automatically forwarded to the appropriate party.
> Is it possible to turn off the outgoing blocking mechanism? I am assuming
> that an internal virus is impossible so what is triggering the deletion of
> attachments generated internally?
> Can we find an alternate method of document transmission? The two
> maintenance firms we have employed to manage the MAC's have both commented
> on the tight security. I don't know of anyone else going to this extent on
> the security issues. I am not saying it is not necessary, but I am hopeful
> we can work out a solution that would enable me to accomplish what my job
> demands. I will help out in any way I can.
> Thanks for your patience as we endeavor to find a solution.
> <snip>
> Lou Hablas
> Systems Manager
> Ravi Zacharias International Ministries

Do what I have done in the past. If he would like to receive his messages,
be treated as if he were on the other side of the firewall, do so. Remove
him from the domain (if there is a domain), allow traffic to / from him and
inform him that he is no longer part of the LAN. If he needs to be a member
of the LAN and not isolated, ask him if he is willing to be held accountable
and willing to pay any restitution should the network be breached.

On a more serious note, if he needs to get files to / from other sites, they
can place them on a web for download or you could possibly do the same.
You could also create an ftp site, share that folder and give the graphics
person access to the share. Then he can place files in there as needed for
transfer, provide a user name / pass combination and he can then send the
link in an email so they can click on it, and send / receive any
necessary files.


Micheal Patterson
TSG Network Administration
