Jeff, my concern with (2) is that we are likely to forget some .exe or .dll that is an important Windows sub-component.

I wasn't aware of TSDropCopy; looks interesting. Thanks.

Nick

-----Original Message-----
From: Jeff Durbin [mailto:techlists@xxxxxxxxxxxxx]
Sent: 26 May 2004 22:45
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Safe file uploads

1. Use antivirus software on the TS with realtime file scanning
2. Use group policy and Appsec to restrict the users to only executing the programs that you explicitly specify, in explicit locations (i.e. c:\program files\Internet Explorer\iexplore.exe). Or, if you've got a 2003 domain, you can accomplish this with Software Restriction Policies.
3. Give them TSDropCopy to upload files to anywhere they want (you said TS, not Citrix, so I'm assuming you're using straight TS)

jD

> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx
> [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Nick Smith
> Sent: Wednesday, 26 May 2004 10:50 p.m.
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Safe file uploads
>
> We want to allow some of our users to upload files into our TS environment from their Thick Client PCs. Some of these will be properly maintained corporate PCs; some of them will be home PCs probably full of viruses, spyware, executables and general nastiness.
>
> Our thinking is that we shouldn't just allow them access through standard TS Drive Mapping to their local drives, as they will, maliciously or not, upload nasties.
>
> We are therefore planning to develop a small web-based app which will allow upload outside the TS session into a quarantined, safe area (by http or ftp). We will then scan this safe area for nasties before moving the files into the user areas.
>
> 2 related queries;
> 1) Is anyone else doing something similar? Does it make sense? Is there some gaping flaw in the strategy?
> 2) Does anyone know of an engine that can scan a file store in this way for generic 'nasties' - not just for viruses, which is easy, but for executables (for preference something that doesn't just look at the '.xxx', but actually analyses the file), known spyware, etc. We can probably chain together a script which calls NAV then SpyBot then AdAware etc, but that feels messy. Any thoughts?
>
> Nick
> ********************************************************
> This Week's Sponsor - Tarantella Secure Global Desktop
> Tarantella Secure Global Desktop Terminal Server Edition
> Free Terminal Service Edition software with 2 years maintenance.
> http://www.tarantella.com/ttba
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thin.net/links.cfm
> ***********************************************************
> For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode
> use the below link:
> http://thin.net/citrixlist.cfm
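
An added example, not part of the thread: one way to do the "actually analyses the file" check from query 2 on a quarantine folder, by reading the DOS/PE header instead of trusting the extension. The function names, file names and sample bytes are constructed for illustration; it covers Windows MZ/PE binaries only (not scripts or archives) and is meant to run before the antivirus and spyware scanners, not instead of them.

```python
import struct
import tempfile
from pathlib import Path


def sniff(path: Path) -> str:
    """Classify by content: 'pe', 'dos-mz' or 'other'. The file name is never consulted."""
    with path.open("rb") as f:
        header = f.read(0x40)                  # size of the DOS header
        if header[:2] != b"MZ":
            return "other"
        if len(header) < 0x40:
            return "dos-mz"                    # MZ magic but truncated: still suspicious
        (e_lfanew,) = struct.unpack_from("<I", header, 0x3C)  # offset of the PE header
        f.seek(e_lfanew)
        return "pe" if f.read(4) == b"PE\0\0" else "dos-mz"


def triage(quarantine: Path) -> dict:
    """Map each uploaded file to 'hold' (executable content) or 'scan' (pass to AV next)."""
    verdicts = {}
    for p in sorted(quarantine.iterdir()):
        if p.is_file():
            verdicts[p.name] = "hold" if sniff(p) != "other" else "scan"
    return verdicts


def make_pe_stub() -> bytes:
    """Constructed sample: DOS header plus PE signature only, not a runnable program."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)
    return bytes(dos) + bytes(0x40) + b"PE\0\0" + bytes(20)


def demo() -> dict:
    """Build a throwaway quarantine folder with constructed uploads and triage it."""
    with tempfile.TemporaryDirectory() as d:
        q = Path(d)
        (q / "holiday.jpg").write_bytes(make_pe_stub())   # executable hidden by extension
        (q / "report.doc").write_bytes(b"\xd0\xcf\x11\xe0" + bytes(60))  # OLE2 magic
        (q / "notes.txt").write_bytes(b"meeting notes\r\n")
        return triage(q)


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{verdict:5} {name}")
```

Files marked "hold" stay in the quarantine area; files marked "scan" are the ones to hand to the virus and spyware scanners before moving them into the user areas.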