Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: GPO that forces users to use a proxy server.

from [Steven Hay] Network Security [Permanent Link]
Subject: RE: GPO that forces users to use a proxy server.
Date: Fri, 29 Oct 2004 09:26:56 -0600 
We use a VPN for this as well. Our VPN client is pretty good as it
terminates all other network access once a VPN connection is established
(disabling the possibility of a remote controller trying to 'zombie' VPN
into our system).  With this the advantage is that there is no other
LAN/Internet access available to the laptop except through the VPN.  As well
we know where users are surfing with our business assets (laptops).

The disadvantage is a web page is now loading to our network, then
transferring to the user which can make web browsing slower if the page
isn't already cached.  As well some users share out their home printers to
their laptops and the VPN won't allow any access to this for them to print
locally.  But we consider these the lesser of the two evils.

Steve

-----Original Message-----
From: Michael Silk [mailto:michaels@phg.com.au] 
Sent: October 28, 2004 5:52 PM
To: Ryan Parrish; focus-ms@securityfocus.com
Subject: RE: GPO that forces users to use a proxy server.


Hi,

        If you could; how would you ensure the time on there computer was
valid ? You could setup a timeserver and force their computer to use that
through GPO (I assume) but that means the time server would need to be
available outside your intranet ... Surely it would be easier to allow the
proxy server to be contactable from their home (even via a VPN of some sort
... ?) because after all, it's a work computer and surely the same rules
apply for what they can browse on it no matter where they are or what time
it is.

-- Michael
 

-----Original Message-----
From: Ryan Parrish [mailto:RyanP@foxracing.com] 
Sent: Friday, 29 October 2004 5:28 AM
To: focus-ms@securityfocus.com
Subject: GPO that forces users to use a proxy server.

We are trying to implement a GPO that forces all users/computers to use a
proxy sever for there internet access in the company, but have hit a snag.
We have lots of laptop users that we found during testing when they take
there laptops home they can access the internet using there own ISP since we
set the policy to use a proxy server that is not available to the outside
internet, thus they get no internet access. Has anybody dealt with this kind
of situation before? Is there a way to set a GPO to only be active during
business hours?


_-`-_-`-_-`-_-`-_-`-_-`-_-`-_-`-_-`-_

Ryan Parrish
ryanp@foxracing.com
IT Dept.
408-776-8633 extension 1229
Please direct all support questions to - (¯`·.¸¸.-> itsupport@foxracing.com

_-`-_-`-_-`-_-`-_-`-_-`-_-`-_-`-_-`-_ 

---------------------------------------------------------------------------
---------------------------------------------------------------------------





**********************************************************************
This email message and accompanying data may contain information that is
confidential and/or subject to legal privilege. If you are not the intended
recipient, you are notified that any use, dissemination, distribution or
copying of this message or data is prohibited. If you have received this
email message in error, please notify us immediately and erase all copies of
this message and attachments.

This email is for your convenience only, you should not rely on any
information contained herein for contractual or legal purposes. You should
only rely on information and/or instructions in writing and on company
letterhead signed by authorised persons.
**********************************************************************


---------------------------------------------------------------------------
---------------------------------------------------------------------------
Please note that Internet email is not always private, secure or reliable.
The sender accepts no liability for any damages caused by any virus
inadvertently transmitted with this email.  Any opinion expressed in this
email is solely that of the author, unless clearly indicated otherwise.
This email, and any attachments, may contain confidential and/or proprietary
information that is intended only for use by the addressee.  If you are not
the intended recipient, any use, dissemination, forwarding, printing, or
copying of this email is strictly prohibited.  If you received this email in
error, please delete the email and advise the sender of the delivery error.

---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Remove "Shutdown" command from w2k PCs but enable restart, Lett, Craig
Next by Date:  RE: GPO that forces users to use a proxy server., Benjamin D. Goldman
Previous by Thread:  RE: GPO that forces users to use a proxy server., Jim Harrison (ISA)
Next by Thread:  RE: GPO that forces users to use a proxy server., Benjamin D. Goldman
Indexes:  [Date] [Thread] [Top] [All Lists]