the worst i have seen is a poorly configured server where users have more rights than they should and messes up an install or installs something unauthorized. On Tue, Aug 25, 2009 at 10:00 AM, Wilson, Christopher < CMWilson@xxxxxxxxxxxxx> wrote: > On the security topic still… > > > > What is the worst compromise you’ve seen of a Citrix environment? I’ve > never seen one personally. > > > > I remember back in the day before CSG etc, we would open 1494 from the > outside to our internal Citrix servers. Citrix used to claim this wasn’t > much of an attack vector, but eventually we got CSG and that made it more > secure and easier traverse other people’s firewalls. I’ll stop there, I > know there are other measures to secure this traffic, but I’m wondering how > much risk are we really talking about with Citrix XenApp? What’s the worst > thing you’ve ever seen? I’m trying to get a real sense of the risk we need > to manage with security measures. >