Home page logo

basics logo Security Basics mailing list archives

Re: Risks/dangers of unauthorized web proxy
From: Isaac Perez Moncho <suscripcions () tsolucio com>
Date: Thu, 09 Aug 2007 21:09:06 +0200

There a many risk of permiting that:
-Undesired software (vulnerabilities, possible malware, misconfigurations, worst computer working, increase of needed support, etc...) installed by non authorized people -Undesired access to Internet from people without authorization (malware, malware, malware, leak of information, maybe loss of productivity, etc..)
-Computers without enough protection surfing the web (malware)
-Policies that are not enforced (difficult to enforce other policies, as the people see it happens anything if they do what they want, loss of authority from IT/security group) -Legal problems or problems with other companies. If can be accessed from internet can be used for attacking other hosts, and you will seem the source of the attack. Being added to blacklists, access denied by you own ISP, etc....

As you see there are many, many problems of allowing that.
If I were you the first I'll did is to get management permission to enforce two policies:
-Only install permitted software by allowed people
-Only acces to the resources you need.
If you can't get the support of management,as high as you can, you lost the battle from the beginning

En/na julesgoolia () yahoo com ha escrit:
Hi! I am a new security analyst and have not been exposed to the technical side of security.

I would like to ask about the risks/dangers from unauthorized proxies.  Some employees in our company   install 
programs in their workstations to serve as proxy to other workstations that have not been given Internet access.

Many thanks!

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]