Security Basics
mailing list archives
Antwort: Re: web browsing in production environment - a journey through comfort and security
From: info () hitcon de
Date: Tue, 14 Jul 2009 12:31:53 +0200
- Trying to prevent with what? With a policy to snip the active content,
I'm trying to prevent browser holes. I had my own experiences with scripts
from websites that injected viruses into my host, just because I deactivated
"no script" in Firefox. With the AV engines - resist viruses via HTTP(s)
- I absolutely understand why users are upset because they aren't able to
browse the internet like they're at home and have to request the IT staff
to set a website as trusted (to have active content working!)
- In my opinion the policy makes absolute sense and I am firmly convinced
of it, but that's not the question because I'm looking for alternatives and
assess the risk management
From: evilwon12 () yahoo com
To: security-basics () securityfocus com
Date: 13.07.2009 19:21
Subject: Re: web browsing in production environment - a journey through comfort and security
And I thought I had issues.
My first question - what are you trying to prevent?
This seems like a ton of work to do with a ton of upkeep without knowing
what you are trying to prevent?
Do you fully understand why the employees are upset? While most
understand some sort of filtering, most people do not like the overbearing
hand of big brother coming down on them without good
explanation/reasoning.
What does your Internet Policy state? Do you even have one? If it is not
rational and does not make sense, then employees will be disgruntled.
-- I know most of the exploits try to implant viruses on the host, we
have 3 anti-virus engines, how high could the impact be?
Since they are browsing from your Citrix TS, your biggest threat is
someone owning your Citrix TS box. Now, if someone is smart enough to
figure out how to piggy back that connection down to the workstation, you
have your answer.
------------------------------------------------------------------------
HITCON AG
Maik Linnemann
Gartenstraße 208
48143 Münster
+49 (251) 2801-205 (Phone)
+49 (251) 2801-280 (Fax)
+49 (170) 6364-205 (Mobile)
mailto:info () hitcon de
http://www.hitcon.de
Members of the Executive Board: Helmut Holtstiege, Tobias Helling
Chairman of the Supervisory Board: Hans-Hermann Schumacher
Registered office: Münster
Register court: Amtsgericht Münster, HRB 5177
member of http://www.grouplink.de