General discussion

Locked

The need for anti-virus protection on remote users machines

By cass.harley ·
We use a terminal server, and allow staff to install a remote access client on their machine, and dial up to the work server.

I am still struggling a little to grasp the complete concept.
ie The user dials up to a modem inside the terminal server, the terminal server modem and the user modem negotiate a connection.
However once this connection is established, the user is not yet logged onto the terminal server (wtih the ability to access files etc). The user can access the internet etc via the ADSL modem connection, but the user cannot access any other files etc on the system.... As I said, I am confused about it a bit.

My question is regarding the need for up-to-date anti-virus software on the users machine. Our anti-virus software allows us to let home users use a copy, however I would like to know how serious a threat remote users are (if they do not have virus protection).

Thanks,
Cassandra

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Viruses

by timwalsh In reply to The need for anti-virus p ...

You need to get beyond the mistaken impression that the only risk here is the further spread of any virus.

Think through this scenario:

Home user gets infected by a virus that installs a trojan or back door on the user's home computer. The backdoor allows a hacker to tke control of the user's home computer and install a keystroke logger. The keystroke loger records the phone number used to dial into your network as well as the userID and password needed to access your network. Let your imagination take you from there.

Antivirus software protects a user from a number of evils. While preventing the further spread of a virus is one of the protections provided, it isn't the only one.

Collapse -

Callback

by cass.harley In reply to Viruses

We make use of the callback feature with all our remote users.

Aside from meaning that the company covers the cost of the phonecalls, it is also to ensure that the user can only login from there home (unless I am notified in advance). Shouldn't this prevent anyone accessing the login from any computer other then the users home?

Collapse -

Security

by timwalsh In reply to Callback

How sure are you of the security of your user's home computer? If their computer is hacked, or is infected with a worm that installs a a backdoor allowing someone to take control of that computer...

All your server will see is that the call is coming from an authorized number and the caller is using authorized credentials.

The "hacker" can do things such as change the modem on the home computer to auto-answer (if it isn't already set that way. The "hacker" can also turn off the sound to the modem so that if the attempt to breach your system occurs at night (when the user is probably asleep), the user will never hear the phone ring or even now his sytem ihas been compromised.

Of course, if all the home user has is a dial-up connection to the Internet, the situation changes. A hacker obviously can't dial in to the user's computer and then have the computer dial your server.

Back to Security Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums