Re: This time, how secure is Citrix?

[richardw <richardw () area52 allserve net>]

Food for thought:

If the user has a key-logger installed, which is not that uncommon these 
days with all the mal and spyware getting installed on computers, then 
the hacker could fire up Citrix from anywhere/anytime and access your 
user's account.

Also, if you are mapping drives, the possibility of spreading viri, 
worms, etc. is very real.

Maybe a solution would be SecureID (hard token) enabled AD?

Cesar Diaz wrote:
> List,
>
> I asked a question a few days ago about how secure VPN access is for
> home users on their own home PCs.  I received many helpful answers. 
> Thank you all for that.
>
> I also want to ask everyones opinion on how secure remote access
> through Citrix can be.
>
> We use Citrix MetaFrame XP available through Nfuse available thorugh a
> public IP address.  The Nfuse website is secured with 128-bit SSL. 
> Our firewall only allows port 443 to access the server through that
> IP.
>
> The concern now isn't as much the possibility of viruses, worm, etc.
> spreading since this is not a direct connection to our LAN like a VPN.
>  The concern is that if a hacker has gained access to the users home
> computer, then they can access the resources on the network that the
> user accesses.
>
> The idea has been floated of running a script when the user connects
> that deletes their default route to the Internet, then adds a route
> directly to our network.  This should theoretically remove access to
> their machine from the Internet.  We would run an exit script that
> reverses this so they get their connectivity back.
>
> Thanks again for any advice,
>
> Cesar Diaz