[THIN] Re: Safe fiel uploads
- From: "Jeff Durbin" <techlists@xxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Fri, 28 May 2004 21:01:20 +1200
It will be nice when these types of users start gettting weeded out of the
employee gene pool. We should only have to put up with them for another 30
years or so, though. By then, everyone in the workforce should have basic
computer competency.
> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx
> [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of John Carlson
> Sent: Friday, 28 May 2004 7:27 a.m.
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: Safe fiel uploads
>
> I understand. My users do not. If it not as simple to use as,
> say a telephone, it is simply beyond their grasp.=20
>
> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx
> [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeff Durbin
> Sent: Thursday, May 27, 2004 1:55 PM
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: Safe fiel uploads
>
> You can change the target file location.
>
> > -----Original Message-----
> > From: thin-bounce@xxxxxxxxxxxxx=20
> > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of John Carlson
> > Sent: Friday, 28 May 2004 3:33 a.m.
> > To: thin@xxxxxxxxxxxxx
> > Subject: [THIN] Re: Safe fiel uploads
> >=20
> > Just wanted to throw in my 2 cents. :) =20 I use
> TSDropCopy at one of
> >my clients and while it works=20 great for me, the end
> users seem to
> >have great difficulty=20 making it work. I've explained it
> to them a
> >million times but=20 despite that they never seem to be
> able to find
> >the files=20 once they have uploaded/downloaded them. =3D20 =20
> >-----Original Message-----
> > From: thin-bounce@xxxxxxxxxxxxx=20
> > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeff Durbin
> > Sent: Wednesday, May 26, 2004 4:45 PM
> > To: thin@xxxxxxxxxxxxx
> > Subject: [THIN] Re: Safe fiel uploads
> >=20
> > 1. Use antivirus software on the TS with realtime file=20
> scanning 2.
> >Use group policy and Appsec to restrict the users=20 to
> only executing
> >the programs that you explicitly specify,=20 in explicit locations
> >(i.e.
> > c:\program files\Internet Explorer\iexplore.exe). Or, if
> you've got a
> > 2003 domain, you can accomplish this with Software=20 Restriction
> >Policies.
> > 3. Give them TSDropCopy to upload files to anywhere they
> want=20 (you
> >said TS, not Citrix, so I'm assuming you're using straight
> TS) =20 jD
> >=20
> > > -----Original Message-----
> > > From: thin-bounce@xxxxxxxxxxxxx
> > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Nick Smith
> > > Sent: Wednesday, 26 May 2004 10:50 p.m.
> > > To: thin@xxxxxxxxxxxxx
> > > Subject: [THIN] Safe fiel uploads
> > >=3D20
> > > We want to allow some of our users to upload files into
> our TS=3D20
> > >=
>
> > >environement from their Thick Client PCs. Some of these
> will be=3D20
> > >=
>
> > >properly maintained corporate PCs; some of them will be
> home PCs=3D20
> > >=
> =20
> > >probably full of viruses, spyware, executables and general
> nastiness.
> > > =3D20
> > > Our thinking is that we shouldn't just allow them access=20
> > thorough=3D20 =20
> > >standard TS Drive Mapping to their local drives, as they
> will,=3D20
> > >=20 mailiciously or not, upload nasties.
> > > =3D20
> > > We are therefore planning to develp a small web-based app
> which=20
> > >will=3D20 allow upload otuside the TS session into a=20
> > quarantined, safe=20
> > >area (By
> >=20
> > > http or ftp). We will then scan this safe area for nasties=20
> > before=3D20=20
> > > moving the files into the user areas.
> > > =3D20
> > > 2 related queries;
> > > 1) Is anyone else doing something similar? Does it make=20
> > sense? Is=3D20=20
> > > there some gaping flaw in the stratgey?
> > > 2) Does anyone know of an engine that can scan a file store=20
> > in this=3D20=20
> > > way for generic 'nasties' - not just for viruses, which
> is easy,=20
> > > but=3D20 for executables(For preference something that=20
> > doesn't just look=20
> > > at the
> >=20
> > > '.xxx', but actually analyses the file) , known spyware,
> etc. We=20
> > > can=3D20 probably chain together a script which calls NAV then =
> SpyBot=20
> > > then=3D20 AdAware etc, but that feels messy. Any thoughts?
> > > =3D20
> > > Nick
> > > ********************************************************
> > > This Week's Sponsor - Tarantella Secure Global Desktop=20
> > Tarantella=3D20=20
> > > Secure Global Desktop Terminal Server Edition Free Terminal=20
> > Service=3D20=20
> > > Edition software with 2 years maintenance.
> > > http://www.tarantella.com/ttba
> > > **********************************************************
> > > Useful Thin Client Computing Links are available at:
> > > http://thin.net/links.cfm
> > > ***********************************************************
> > > For Archives, to Unsubscribe, Subscribe or set Digest or=20
> > Vacation mode
> >=20
> > > use the below link:
> > > http://thin.net/citrixlist.cfm
> > >=3D20
> >=20
> > ********************************************************
> > This Week's Sponsor - Tarantella Secure Global Desktop=20
> Tarantella
> >Secure Global Desktop Terminal Server Edition Free=20
> Terminal Service
> >Edition software with 2 years maintenance.
> > http://www.tarantella.com/ttba
> > **********************************************************
> > Useful Thin Client Computing Links are available at:
> > http://thin.net/links.cfm
> > ***********************************************************
> > For Archives, to Unsubscribe, Subscribe or set Digest or=20
> Vacation
> >mode use the below link:
> > http://thin.net/citrixlist.cfm
> >=20
> >=20
> > ********************************************************
> > This Week's Sponsor - Tarantella Secure Global Desktop=20
> Tarantella
> >Secure Global Desktop Terminal Server Edition Free=20
> Terminal Service
> >Edition software with 2 years maintenance.
> > http://www.tarantella.com/ttba
> > **********************************************************
> > Useful Thin Client Computing Links are available at:
> > http://thin.net/links.cfm
> > ***********************************************************
> > For Archives, to Unsubscribe, Subscribe or set Digest or=20
> Vacation
> >mode use the below link:
> > http://thin.net/citrixlist.cfm
> >=20
>
> ********************************************************
> This Week's Sponsor - Tarantella Secure Global Desktop
> Tarantella Secure Global Desktop Terminal Server Edition Free
> Terminal Service Edition software with 2 years maintenance.
> http://www.tarantella.com/ttba
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thin.net/links.cfm
> ***********************************************************
> For Archives, to Unsubscribe, Subscribe or=20 set Digest or
> Vacation mode use the below link:
> http://thin.net/citrixlist.cfm
> ********************************************************
> This Week's Sponsor - Tarantella Secure Global Desktop
> Tarantella Secure Global Desktop Terminal Server Edition Free
> Terminal Service Edition software with 2 years maintenance.
> http://www.tarantella.com/ttba
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thin.net/links.cfm
> ***********************************************************
> For Archives, to Unsubscribe, Subscribe or set Digest or
> Vacation mode use the below link:
> http://thin.net/citrixlist.cfm
>
********************************************************
This Week's Sponsor - Tarantella Secure Global Desktop
Tarantella Secure Global Desktop Terminal Server Edition
Free Terminal Service Edition software with 2 years maintenance.
http://www.tarantella.com/ttba
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
Other related posts:
