Re: Risk of Virus infection?

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: bob (bob_at_home.com)
Date: 08/13/04 

Date: Fri, 13 Aug 2004 06:01:46 GMT

I was told by my supervisor that the policy does not allow this, but I was
welcome to email the head of the department myself and ask for further
information. It seems that my company has taken the better safe than sorry
approach, which I guess I can't blame then for. After all, how would it
look to our clients if the network gets infection VIA an unnecessary means
such as that. at any rate, I might look in to it further and see if I can
get permission (being that many employees have VPN access, I don't see why
not).

Thanks for all your replies,
Bob
"Jeffrey Randow (MVP)" <jeffreyr-support@remotenetworktechnology.com> wrote
in message news:kfolh0lpppe91hjtgs2hle4n09dvumu7i9@4ax.com...
> Yep... I have seen the damage that can happen with making a
> connection from a "compromised" system with drive redirection
> enabled... It wasn't pleasant...
>
> Jeffrey Randow (Windows Networking & Smart Display MVP)
> jeffreyr-support@remotenetworktechnology.com
>
> Please post all responses to the newsgroups for the benefit
> of all USENET users. Messages sent via email may or may not
> be answered depending on time availability....
>
> Remote Networking Technology Support Site -
> http://www.remotenetworktechnology.com
> Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone
>
> On Tue, 10 Aug 2004 23:55:16 -0400, "Bill Sanderson"
> <Bill_Sanderson@msn.com.plugh.org> wrote:
>
>>It isn't unreasonable for the network admin to assume that the home
>>machine
>>is infected. I don't see a way for that infection to travel through the
>>mouse/keystroke/screen paint transmission of RDP, though.
>>
>>OTOH, if you install TSDropCopy, or haven't locked out drive redirection,
>>there's potential for moving an infected executable.
>>
>>"Jeffrey Randow (MVP)" <jeffreyr-support@remotenetworktechnology.com>
>>wrote
>>in message news:4jtih0tu8u0ad2vdirguvhffjc977bu111@4ax.com...
>>> The main security implication with remote desktop is that you need to
>>> have a secure password.. That is the passport to your system...
>>>
>>> Also, make sure you upgrade to SP2 and that you use the firewall and
>>> Auto-Update.
>>>
>>> Jeffrey Randow (Windows Networking & Smart Display MVP)
>>> jeffreyr-support@remotenetworktechnology.com
>>>
>>> Please post all responses to the newsgroups for the benefit
>>> of all USENET users. Messages sent via email may or may not
>>> be answered depending on time availability....
>>>
>>> Remote Networking Technology Support Site -
>>> http://www.remotenetworktechnology.com
>>> Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone
>>>
>>> On Tue, 10 Aug 2004 12:07:44 -0700,
>>> <anonymous@discussions.microsoft.com> wrote:
>>>
>>>>
>>>>>-----Original Message-----
>>>>>I think, myself, with disk/printer sharing off, the risk
>>>>is nil. In fact,
>>>>>I'd even allow printer sharing, I think. But then, I'm
>>>>not your admin.
>>>>>
>>>>>I would bet that there are worse risks already open to
>>>>that work
>>>>>network--does he successfully block all
>>>>IRC/chat/messenger/kazaa apps
>>>>>already?
>>>>>
>>>>>"bob" <bob@home.com> wrote in message
>>>>>news:hGdRc.264663$XM6.30127@attbi_s53...
>>>>>> What is the likelihood that a virus could be
>>>>transferred over RDP? I do
>>>>>> not
>>>>>> think this would be too great as I have yet to see any
>>>>news about viruses
>>>>>> spreading this way, but my ignorant supervisor(who
>>>>knows nothing about
>>>>>> networking) thinks that me connection to my XP machine
>>>>at home would put
>>>>>> my
>>>>>> work domain at risk. has anyone heard of any viruses
>>>>being spread this
>>>>>> way
>>>>>> (with disk/printer sharing off)?
>>>>>>
>>>>>>
>>>>
>>>>Hi,
>>>>
>>>>I think its pretty safe to use remote desktop because you
>>>>would be the only one that would have access to that
>>>>computer, and that computer would therefore block all
>>>>other incoming connections from the Internet. So the
>>>>chances of catching any viruses would be very small.
>>>>
>>>>Thai
>>>>>
>>>>>
>>>>>.
>>>>>
>>>
>>
>

Relevant Pages

  • Re: Antivirus 2008
    ... I'll be honest with you, in your situation, considering the fact that this is a network *AND* used by a finance controller, I would still have recommended a clean rebuild. ... It therefore has software/data and some proprietary programs that are not on the server. ... Once a computer is owned by someone else the only way to be 100% certain the infection is gone is to flatten and rebuild the system from known good media. ... For me, if the computer is part of a network that a business relies on, the best way to fix a malware infection is to flatten the computer and restore a clean image. ...
    (microsoft.public.windows.server.general)
  • RE: A question for the list...
    ... response, ... I had to take my computers and one server off the WAN ... crisis situation on a neighboring network and shutdown malware. ... virulent proliferation to extract the costs of infection cleanup? ...
    (Incidents)
  • Re: A question for the list...
    ... The problems started when attackers would launch an common attack (whom ... > incident response, ... > crisis situation on a neighboring network and shutdown malware. ... > virulent proliferation to extract the costs of infection cleanup? ...
    (Incidents)
  • Re: Antivirus 2008
    ... payroll) and some proprietary programs that are not on the server. ... 100% certain the infection is gone is to flatten and rebuild the system ... newsgroup I assume the computer in question is part of a network. ... Systems Administration ...
    (microsoft.public.windows.server.general)
  • CERT Advisory CA-2003-04 MS-SQL Server Worm
    ... code that most likely exploits two vulnerabilities in the Resolution ... traffic generated between hosts infected with the worm targeting SQL ... Activity of this worm is readily identifiable on a network by the ... protection whatsoever against the initial infection of systems. ...
    (Cert)