[THIN] Re: Safe fiel uploads
- From: "Nick Smith" <nick@xxxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Fri, 28 May 2004 08:06:22 +0100
Yeah, having glanced at it it looks like the osrt of software that's
great for guys like us but would leave end-users head-scratching. We'll
go with developing our won app.
Thanks,
Nick=20
-----Original Message-----
From: John Carlson [mailto:johnc@xxxxxxxxxx]=20
Sent: 27 May 2004 16:33
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Safe fiel uploads
Just wanted to throw in my 2 cents. :)
I use TSDropCopy at one of my clients and while it works great for me,
the end users seem to have great difficulty making it work. I've
explained it to them a million times but despite that they never seem to
be able to find the files once they have uploaded/downloaded them. =3D20
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Jeff Durbin
Sent: Wednesday, May 26, 2004 4:45 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Safe fiel uploads
1. Use antivirus software on the TS with realtime file scanning 2. Use
group policy and Appsec to restrict the users to only executing the
programs that you explicitly specify, in explicit locations (i.e.
c:\program files\Internet Explorer\iexplore.exe). Or, if you've got a
2003 domain, you can accomplish this with Software Restriction Policies.
3. Give them TSDropCopy to upload files to anywhere they want (you said
TS, not Citrix, so I'm assuming you're using straight TS)
jD
> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx
> [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Nick Smith
> Sent: Wednesday, 26 May 2004 10:50 p.m.
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Safe fiel uploads
>=3D20
> We want to allow some of our users to upload files into our TS=3D20 =20
>environement from their Thick Client PCs. Some of these will be=3D20 =20
>properly maintained corporate PCs; some of them will be home PCs=3D20 =20
>probably full of viruses, spyware, executables and general nastiness.
> =3D20
> Our thinking is that we shouldn't just allow them access thorough=3D20 =
=20
>standard TS Drive Mapping to their local drives, as they will,=3D20 =20
>mailiciously or not, upload nasties.
> =3D20
> We are therefore planning to develp a small web-based app which=20
>will=3D20 allow upload otuside the TS session into a quarantined, =
safe=20
>area (By
> http or ftp). We will then scan this safe area for nasties before=3D20 =
> moving the files into the user areas.
> =3D20
> 2 related queries;
> 1) Is anyone else doing something similar? Does it make sense? Is=3D20 =
> there some gaping flaw in the stratgey?
> 2) Does anyone know of an engine that can scan a file store in =
this=3D20
> way for generic 'nasties' - not just for viruses, which is easy,=20
> but=3D20 for executables(For preference something that doesn't just =
look
> at the
> '.xxx', but actually analyses the file) , known spyware, etc. We=20
> can=3D20 probably chain together a script which calls NAV then SpyBot=20
> then=3D20 AdAware etc, but that feels messy. Any thoughts?
> =3D20
> Nick
> ********************************************************
> This Week's Sponsor - Tarantella Secure Global Desktop Tarantella=3D20 =
> Secure Global Desktop Terminal Server Edition Free Terminal =
Service=3D20
> Edition software with 2 years maintenance.
> http://www.tarantella.com/ttba
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thin.net/links.cfm
> ***********************************************************
> For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode
> use the below link:
> http://thin.net/citrixlist.cfm
>=3D20
********************************************************
This Week's Sponsor - Tarantella Secure Global Desktop Tarantella Secure
Global Desktop Terminal Server Edition Free Terminal Service Edition
software with 2 years maintenance.
http://www.tarantella.com/ttba
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode
use the below link:
http://thin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - Tarantella Secure Global Desktop Tarantella Secure
Global Desktop Terminal Server Edition Free Terminal Service Edition
software with 2 years maintenance.
http://www.tarantella.com/ttba
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode
use the below link:
http://thin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - Tarantella Secure Global Desktop
Tarantella Secure Global Desktop Terminal Server Edition
Free Terminal Service Edition software with 2 years maintenance.
http://www.tarantella.com/ttba
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
Other related posts:
