dkm
09-22-2006, 12:08 AM
I am currently accessing the forums via my laptop indirectly through our corporate network.
Let me explain. We have a local workstation in our work area, for which we have to log in to access our local intranet for such things as job procedures, safety and information related bulletins, company e-mail, phone directories and any other company related baloney. All accounts are set-up as restricted, with no internet access, though it was easy enough to by-pass the proxy server, through the internet options in the control panel and access the net. Everything is done through a remote server, from running a hosts file to windows updates, e-mail, etc..
Initially the machine was set up for the use of myself, and the 3 other operators. The problem was that other people would come in and access the net, through their own accounts with their profiles stored locally, and though you would think that a multi-national corporation would have top-notch network security, this is not the case. To install a program, all you had to do was install it in a different directory other than the normal c:/program files/etc.. The IT guy picked it up the other day to muck out all the viruses. I e-mailed the IT department with some info related to the hosts file and other security measures. Whether they act upon it is another story.
Once, I went to renew a subscription to a local buy/sell publication which I can access online, and against my better judgement, typed in my Visa number. This is the first time I have ever used that number on a machine other than my own. Two days later it was compromised. I had used that number for the last four years. There was no loss, as that was a separate Visa for online use only, with a $500 limit and insurance against theft, so I lost nothing. Just goes to show you how fast it happens. But I digress.
My question is related somewhat to security, as myself and one other operator normally use our own laptops. I have checked on different occasions, and the IP address appears to be static. I am not sure how the network is set-up, but I would suspect a series of daisy-chained routers throughout the operation.
Since we are not logging in to the local network (nor do I want to with my own system) and I am assuming the company does not have their own DNS server, are there any security related issues I should be concerned about. I am not talking about me infecting anything company related, as my system is a whole lot better protected and immunized than theirs are, I am concerned about one of their systems infecting mine! Make sense? I have blocked any traffic from the remote gateway via my firewall.
Any insight, observations or opinions completely welcomed. Thanks.
Let me explain. We have a local workstation in our work area, for which we have to log in to access our local intranet for such things as job procedures, safety and information related bulletins, company e-mail, phone directories and any other company related baloney. All accounts are set-up as restricted, with no internet access, though it was easy enough to by-pass the proxy server, through the internet options in the control panel and access the net. Everything is done through a remote server, from running a hosts file to windows updates, e-mail, etc..
Initially the machine was set up for the use of myself, and the 3 other operators. The problem was that other people would come in and access the net, through their own accounts with their profiles stored locally, and though you would think that a multi-national corporation would have top-notch network security, this is not the case. To install a program, all you had to do was install it in a different directory other than the normal c:/program files/etc.. The IT guy picked it up the other day to muck out all the viruses. I e-mailed the IT department with some info related to the hosts file and other security measures. Whether they act upon it is another story.
Once, I went to renew a subscription to a local buy/sell publication which I can access online, and against my better judgement, typed in my Visa number. This is the first time I have ever used that number on a machine other than my own. Two days later it was compromised. I had used that number for the last four years. There was no loss, as that was a separate Visa for online use only, with a $500 limit and insurance against theft, so I lost nothing. Just goes to show you how fast it happens. But I digress.
My question is related somewhat to security, as myself and one other operator normally use our own laptops. I have checked on different occasions, and the IP address appears to be static. I am not sure how the network is set-up, but I would suspect a series of daisy-chained routers throughout the operation.
Since we are not logging in to the local network (nor do I want to with my own system) and I am assuming the company does not have their own DNS server, are there any security related issues I should be concerned about. I am not talking about me infecting anything company related, as my system is a whole lot better protected and immunized than theirs are, I am concerned about one of their systems infecting mine! Make sense? I have blocked any traffic from the remote gateway via my firewall.
Any insight, observations or opinions completely welcomed. Thanks.