
RE: breakout of citrix

Subject: RE: breakout of citrix
Date: Fri, 22 Oct 2004 09:09:59 -0700
This from a reputable source:

"Tell them that they can avoid that problem by using an application like
appsec (res kit tool) or appsense application manager and restrict
explorer.exe from running (it is not required).

This is happening because by entering c:\, Word invokes explorer (it's
browsing), which can not be run in seamless mode (and will invoke a full
"desktop" when run, even in a non seamless session).  File security is
preserved even when this happens and a properly secured system will not
be impacted in the cases where this happens.  Anyone can browse the root
of c: (or m:) using file -> open, this can be averted by hiding the c
(or m:) drives using the registry (google it).

We run 150 applications for 6000 users, all with explorer.exe
unavailable.  If they need to make an explorer type window available for
file browsing, they can publish IE with the folders pane open
(iexplore.exe -e, I think; google it).  This workaround is blessed
(advocated) by Citrix."

Hope that helps.

--Seth

-----Original Message-----
From: Nathaniel Hall [mailto:halln@otc.edu] 
Sent: Thursday, October 21, 2004 12:02 PM
To: security-basics@securityfocus.com
Subject: RE: breakout of citrix

I had the same breakout problem.  Luckily, I saw your e-mail in time for
a security audit we are beginning at the end of the month.  I will keep
the list posted on how the issue is fixed.

Nathaniel Hall
Intrusion Detection and Firewall Technician
Ozarks Technical Community College -- Office of Computer Networking

halln@otc.edu
417-799-0552



Depp, Dennis M. wrote:

Can you tell me what version of Citrix you are running and what version
of the client?  I was unable to reproduce this with Metaframe
Presentation Server 3.0 and the Java 8.0 client.  You might check the
version of the Citrix client you are running.  The current Windows
version is 8.0.  My WYSE terminals shipped with version 7.1 of the ICA
client.  There is a download available to upgrade to the version 8
client.

Dennis

 

-----Original Message-----
From: Kenzo [mailto:kenzo_chin@hotmail.com] 
Sent: Tuesday, October 19, 2004 12:51 PM
To: security-basics@securityfocus.com
Subject: breakout of citrix

I was wondering if anyone has seen this and if there is a fix for this.
Basically this is what's happening.
We have a test Citrix environment serving a couple of apps.
The clients can either connect using the Windows ICA client or thru a WYSE
terminal.
In both cases the same thing happens.
One particular app that we provide is MS Word.
I discovered that if you insert a link into the Word document such as "c:\"
and click on it,
Citrix freaks out, then gives you the desktop of the Citrix server.
From there you can access whatever programs you want.

Any ideas on how to fix this??

Thanks.
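
The reply at the top of this thread suggests hiding the C: and M: drives through the registry without naming the setting. The sketch below is an added example, not code from any poster in the thread: it builds and decodes the per-user Explorer policy bitmask, assuming the standard `NoDrives` and `NoViewOnDrive` DWORD values, which the thread itself does not mention.

```python
"""Added example: build and audit the Explorer drive-hiding bitmask."""
import string

# Standard per-user Explorer policy key (assumption: not named in the thread).
POLICY_KEY = (r"HKEY_CURRENT_USER\Software\Microsoft\Windows"
              r"\CurrentVersion\Policies\Explorer")
ALL_DRIVES = 0x03FFFFFF  # bits 0..25 correspond to A: through Z:


def drive_mask(letters):
    """Return the DWORD mask for the given drive letters (A = bit 0)."""
    mask = 0
    for letter in letters:
        letter = letter.strip(":\\ ").upper()
        if len(letter) != 1 or letter not in string.ascii_uppercase:
            raise ValueError(f"not a drive letter: {letter!r}")
        mask |= 1 << (ord(letter) - ord("A"))
    return mask


def masked_drives(mask):
    """Decode a mask read back from the registry into drive letters."""
    if mask & ~ALL_DRIVES:
        raise ValueError(f"bits set outside A-Z: {mask:#010x}")
    return [c for i, c in enumerate(string.ascii_uppercase) if mask >> i & 1]


def reg_fragment(letters):
    """Render a .reg file that hides the drives and blocks browsing them."""
    mask = drive_mask(letters)
    return "\n".join([
        "Windows Registry Editor Version 5.00",
        "",
        f"[{POLICY_KEY}]",
        f'"NoDrives"=dword:{mask:08x}',        # hide in Explorer and dialogs
        f'"NoViewOnDrive"=dword:{mask:08x}',   # refuse to open the drive
        "",
    ])


if __name__ == "__main__":
    print(reg_fragment(["C", "M"]))            # the two drives from the thread
    print("hidden:", masked_drives(0x1004))
```

These values only affect Explorer-based views for the user they are applied to; as the reply notes, file permissions remain the actual control, so `masked_drives` is most useful for auditing what an existing policy value really covers.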

   




