LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices

Reply
 
Search this Thread
Old 01-05-2005, 04:11 PM   #1
danfig
LQ Newbie
 
Registered: Nov 2004
Location: California
Posts: 4

Rep: Reputation: 0
Exclamation 911 Dispatch PC Security :: Isolate Internet Viruses


Our government agency has a need to allow our 911 Dispatchers access to the Internet on their MS W2K PCs. The problem is they pull in tons of virus/trojan junk, while doing so. These PCs are on our flat (yuk) city wide network.

We would like to apply the following solution (please feedback on):

On our DMZ, setup a Microsoft Terminal Services server which will be dedicated to servering a Firefox session to each 911 PC for Internet browsing via a dedicated NIC.
The thinking here, is they are not running a browser on the PCs, but an emulated browser, thus the virus occurrance would be on the MS Terminal Server that's isolated from our city network. The other NIC would allow them Intranet browsing only and access to email & files, etc.
 
Old 01-05-2005, 04:56 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
Moved: Not a Linux related question. This thread is more suitable in the General forum and has been moved accordingly to help your thread/question get the exposure it deserves.
 
Old 01-05-2005, 08:30 PM   #3
Lleb_KCir
Senior Member
 
Registered: Nov 2003
Location: Orlando FL
Distribution: Debian
Posts: 1,765

Rep: Reputation: 45
dont see why it would not work. TS is very good if the server is powerful enough, but keep in mind that means a TS client license for each work station.

second, why are they downloading stuff if they are dispatchers? id just put up a much more secure firewall ruleset that prevents them from just browsing the web, also set up AD permissions and reduce every 911 dispatcher down to most restricted accounts so they can no longer install anything.

AD and a strong firewall rule set will stop 99% of the viruses from getting into your network and also help keep the dispatchers productive instead of waisting time playing around and downloading cr4p they should not be in the first place.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to isolate redundent libraries? dejavu_01 Slackware 3 08-24-2005 01:28 AM
How do I isolate a piece of string? vous Programming 4 03-16-2005 01:43 PM
What's a good distro if I'm really paranoid about security/viruses? Mr. Hill Linux - Newbie 12 02-23-2005 10:59 PM
Elderly PC may have a HW fault - how to isolate/fix? CestusGW Linux - Hardware 3 03-24-2004 04:11 PM
Viruses and Security KDE4me Linux - Newbie 7 05-24-2003 09:06 PM


All times are GMT -5. The time now is 11:19 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration