I don't disagee with you Greg but one thing that desktops has that Citrix servers don't heve (supposely) is data. When you inject user data Anti-virus software is a given. I am still have a hard time understanding why you need Anti-virus software on terminal server because it's nature is to run things, not store them. You are right though, any time you don't install anti-virus on any computer, you are playing with fire. My .02 cents worth. -----Original Message----- From: Greg Yorke (V) [mailto:GYorke@xxxxxxxxxxxxx] Sent: Friday, August 30, 2002 1:03 PM To: 'thin@xxxxxxxxxxxxx' Subject: [THIN] Re: Citrix servers and Antivirus software Not to get into a big political discussion, but what does foreign policy have anything to do with it. Do you really think you would be safer in Switzerland than in other countries from viruses? The discussion was, why should you need anti-virus on a Citrix machine when it is locked down. Theoretically the Citrix server should only be putting screens out. But as soon as you start deploying IE over Citrix and other such apps like Outlook, you are vulnerable. I used to think that if your environment is locked down correctly, all viruses should be caught before they even get to your Citrix servers. And it's not like the Citrix servers are being used as file servers. Then I got caught. The infection actually came through user profiles. The odd thing is we don't even use roaming profiles. It just found it's way in. With over 2000 users, it is hard to stop infections. It infected one Citrix server and went from there. Granted the Citrix server wasn't the first server to be infected. In fact it was infected by a background file server. Still, the Citrix server would have stopped it there. Basically, would you deploy desktops with out antivirus on them. Even if they were locked down correctly. Just a thought, G. -----Original Message----- From: Allan Stephens [mailto:algs@xxxxxxxxxxxxxx] Sent: August 30, 2002 9:37 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Citrix servers and Antivirus software Here's a thought: Countries with a non-interventionist foreign policy get hacked less frequently Devils's Advocate. ----- Original Message ----- From: "Nail, Larry" <lnail@xxxxxx> To: <thin@xxxxxxxxxxxxx> Sent: Saturday, August 31, 2002 12:00 AM Subject: [THIN] Re: Citrix servers and Antivirus software > > Nope, I'm not worried about getting fired... My systems are locked down > pretty hard and AV protected. I was trying to convey the fact that admins > need to take this seriously... Like the other message I saw in this thread, > WTS is a client of other servers too, so it can infect other systems as > well. > > I perfectly understand the slacker part and I abhor working with people who > are... I have no tolerance for that.. > > Good luck at retirement... If you love this stuff, you'll be back doing it > someplace else with less stress! > > Larry > > -----Original Message----- > From: Warner, Kathleen [mailto:kwarner@xxxxxxxxxxxx] > Sent: Thursday, August 29, 2002 5:38 PM > To: thin@xxxxxxxxxxxxx > Subject: [THIN] Re: Citrix servers and Antivirus software > > > > > -----Original Message----- > From: Nail, Larry [mailto:lnail@xxxxxx]=20 > > >Trend isn't all that demanding cpu & memory wise... My view, better > safe than looking for a job. > > You actually worry about losing your job over getting hacked? Well, you're > working at the wrong place then. You should come work here. Let machines > (this includes both servers and workstations) get hacked here and you'll get > promoted after spending 2-3 days rebuilding the infected machines from > scratch. Another important point is to make sure you don't learn your > lesson and let it happen again by yet again failing to install patches that > have been out for months and that could have protected your machines. Keep > your machines patched and protected and you'll get ignored and then brushed > off and told that you just "got lucky" even when you have tons of logs > showing that the miscreants who succeeded with hacking the machines that > weren't under your responsibility umbrella were the same miscreants thwarted > on your machines. I've been "getting lucky" for nearly 5.5 years now, > problem is I just don't have it in me to be a slacker so I guess I'm just > not ever going to be promotion material here. The only reason I'm not out > looking for a new job (besides the economy problems) is that fortunately for > me, I'm "retiring" soon. /end rant > > I loved Ray's comments about riding a horse to work and motorcyle jumping > the Grand Canyon, ROFL. I'm going to use that "do you ride a horse to > work?" with one of my friends who still insists on using Win98 and says the > same thing, if it ain't broke, don't fix it. Nevermind that the machine is > like a big blinking neon sign inviting hackers in when they are on the > internet... > > > > =================================== > This weeks Sponsor: > ThinPrint > - High resolution, DRIVER FREE PRINTING with no loss of quality in color. > - Removes print spooling and rendering tasks from your terminal server. > http://www.thinprint.com =================================== > For Archives, to Unsubscribe, Subscribe or > set Digest or Vacation mode use the below link. > > http://thethin.net/citrixlist.cfm > > > =================================== > This weeks Sponsor: > ThinPrint > - High resolution, DRIVER FREE PRINTING with no loss of quality in color. > - Removes print spooling and rendering tasks from your terminal server. > http://www.thinprint.com > =================================== > For Archives, to Unsubscribe, Subscribe or > set Digest or Vacation mode use the below link. > > http://thethin.net/citrixlist.cfm > =================================== This weeks Sponsor: ThinPrint - High resolution, DRIVER FREE PRINTING with no loss of quality in color. - Removes print spooling and rendering tasks from your terminal server. http://www.thinprint.com =================================== For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm =================================== This weeks Sponsor: ThinPrint - High resolution, DRIVER FREE PRINTING with no loss of quality in color. - Removes print spooling and rendering tasks from your terminal server. http://www.thinprint.com =================================== For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm =================================== This weeks Sponsor: ThinPrint - High resolution, DRIVER FREE PRINTING with no loss of quality in color. - Removes print spooling and rendering tasks from your terminal server. http://www.thinprint.com =================================== For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm