|
-
January 9th, 2004, 01:56 PM
#21
Hi
Your access mechanism (Citrix/Citrix clone) sound pretty secure to me.
I think that the rest is pretty much impossible 
This is typical of a "thin client" implementation? you are allowing the users onto your system with the rights to run applications, so you are restricted to the security provided by those applications.
You browsers support java and activeX?
Microsoft office supports VBS?
Even if you identify all valid executables, I just rename my malware as a valid executable and run it? I can even write malware in Office modules 
Your best bet is a good AV/Firewall/Intrusion Detection combination
Also have a look at these:
http://www.diamondcs.com.au "trojan Defence Suite" and others
http://www.analogx.com "Script Defender"
http://www.mobiusware.com "MoOutlooksecurity"
Good Luck
-
January 9th, 2004, 02:06 PM
#22
What firewall do you have?
The higher end firewalls will block content by type so you could tell it no exe, com, etc files are allowed through.
Don\'t SYN us.... We\'ll SYN you..... 
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote