RE: Internet Cafe
From: Cache Administrator (Quantin@gmx.net)
Date: 01/21/03
- Previous message: Ing. Bernardo Lopez: "Very basic security question:"
- In reply to: Christian Freas: "RE: Internet Cafe"
- Next in thread: Will Munkara-Kerr: "RE: Internet Cafe"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Cache Administrator <Quantin@gmx.net> To: Christian Freas <Christian.Freas@fairbankscapital.com> Date: 21 Jan 2003 11:27:52 +0200
How about limiting access on MAC layer by creating an ACL on router
level? That would prevent people from logging on the system with their
laptops.
On Thu, 2003-01-16 at 20:18, Christian Freas wrote:
> The problem I assume is not with the W2K workstations but with users
> bringing laptops and either plugging into, or having wireless access to
> his network. Using W2K workstations and some simple GPO settings will
> let him control what happens with his workstations.
>
> -----Original Message-----
> From: Nicko Demeter [mailto:nicko@siterra.com]
> Sent: Wednesday, January 15, 2003 3:44 PM
> To: 'Ferry van Steen'; security-basics@securityfocus.com
> Subject: RE: Internet Cafe
>
>
> Why Win2k on every station? You could run terminals that communicate
> with a Terminal Server or even a cluster of terminal servers and then
> simply restrict what the users can access over the terminals.
>
> Nicko
>
> -----Original Message-----
> From: Ferry van Steen [mailto:ferry.van.steen@InfoPart.nl]
> Sent: Tuesday, January 14, 2003 11:38 PM
> To: security-basics@securityfocus.com
> Subject: Internet Cafe
>
>
> Hey there,
>
> for the first time I have to setup an internet cafe. I want to use Win2k
> on the workstations and "cripple" it using the policies it has, then use
> linux as a firewall/proxy with squid. Having only a proxy and not a
> gateway should already narrow down a lot of security issues, but I
> believe kazaa and some others still work through proxies and I have
> hardly any idea on how secure the win2k policies are... Basically all I
> want to allow them is using IE on websites/ftp sites, they should be
> able to download, but only to a single folder and msn messenger should
> work.
>
> Anyways, anyone got any suggestions/comments on what I really have to
> look out for? I'm thinking it should be reasonably secure, but in places
> like this you always have the added risc of people wanting to damage the
> OS/system or use it as a place from which to attack others.
>
> Kind regards and TIA,
>
> Ferry van Steen
>
>
- Next message: Vachon, Scott: "RE: VPN & PPPoE"
- Previous message: Ing. Bernardo Lopez: "Very basic security question:"
- In reply to: Christian Freas: "RE: Internet Cafe"
- Next in thread: Will Munkara-Kerr: "RE: Internet Cafe"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
