[THIN] Re: Terminal Session security question

• From: Nick Smith <nick@xxxxxxxxxxxxxxxxxx>
• To: "'thin@xxxxxxxxxxxxx'" <thin@xxxxxxxxxxxxx>
• Date: Wed, 12 Nov 2008 10:15:52 +0000

Doug,
If you allow your users to run executables they will. Via email, web, ftp, from 
their fat disks, hey, telnet; someone will find a way.

Use GPO to allow only approved executables to run and you don't need to worry 
about the rest.

I found this quite scary until I actually tried it, and then I just breathed 
easier.

Nick

From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of 
Jim Kenzig http://thin.ms
Sent: 11 November 2008 18:22
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Terminal Session security question

Nope just dhl.com<http://dhl.com> will suffice.  Yeah they might be able to 
circumvent with an IP but if the site is set up right it should convert it to a 
domain and lock it out.
Jim Kenzig
Blog: http://www.techblink.com

On Tue, Nov 11, 2008 at 1:13 PM, Doug Rooney 
<Doug@xxxxxxxxxxxxxxxxxxxx<mailto:Doug@xxxxxxxxxxxxxxxxxxxx>> wrote:

Jim,

I was thinking of doing that, but for example DHL has several valid IP 
addresses for www.dhl.com<http://www.dhl.com>, do I have to figure out and 
enter every valid possibility, and then how do I tell it everything else goes 
to 127.0.0.1<http://127.0.0.1>, also if they type in an IP, I am guessing this 
will not work?



Thank You

-Doug Rooney
Sonoma Tilemakers
IT Systems Administrator
7750 Bell Rd.
Windsor Ca, 95492
(707) 837-8177 X11
(707) 837-9472 FAX
it@xxxxxxxxxxxxxxxxxxxx<mailto:it@xxxxxxxxxxxxxxxxxxxx>



From: thin-bounce@xxxxxxxxxxxxx<mailto:thin-bounce@xxxxxxxxxxxxx> 
[mailto:thin-bounce@xxxxxxxxxxxxx<mailto:thin-bounce@xxxxxxxxxxxxx>] On Behalf 
Of Jim Kenzig http://thin.ms
Sent: Tuesday, November 11, 2008 9:20 AM
To: thin@xxxxxxxxxxxxx<mailto:thin@xxxxxxxxxxxxx>
Subject: [THIN] Re: Terminal Session security question



Use the windows hosts file to control which urls they can and can't get to. 
Point the rogue sites to 127.0.0.1<http://127.0.0.1> and they will never get 
there
Jim Kenzig
Blog: http://www.techblink.com

On Tue, Nov 11, 2008 at 12:11 PM, Doug Rooney 
<Doug@xxxxxxxxxxxxxxxxxxxx<mailto:Doug@xxxxxxxxxxxxxxxxxxxx>> wrote:





************************************************

• Follow-Ups:
  • [THIN] Re: Terminal Session security question
    • From: Doug Rooney

• References:
  • [THIN] RDP console not working
    • From: msemon@xxxxxxx
  • [THIN] Terminal Session security question
    • From: Doug Rooney
  • [THIN] Re: Terminal Session security question
    • From: Jim Kenzig http://thin.ms
  • [THIN] Re: Terminal Session security question
    • From: Doug Rooney
  • [THIN] Re: Terminal Session security question
    • From: Jim Kenzig http://thin.ms

Other related posts:

• » [THIN] Terminal Session security question- Doug Rooney
• » [THIN] Re: Terminal Session security question- Jim Kenzig http://thin.ms
• » [THIN] Re: Terminal Session security question- Doug Rooney
• » [THIN] Re: Terminal Session security question- Jim Kenzig http://thin.ms
• » [THIN] Re: Terminal Session security question - Nick Smith
• » [THIN] Re: Terminal Session security question- Doug Rooney
• » [THIN] Re: Terminal Session security question- Jim Kenzig http://thin.ms
• » [THIN] Re: Terminal Session security question- Nick Smith

1. Home
2. thin
3. Archive
4. 11-2008

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---