FW: breakout of citrix

["Carolyn Ryll" <carolyn.ryll () alttech com>]

Answer courtesy of Alternative Technology, Inc:

This can be restricted in a group policy by restricting access to the
specific drives that are not supposed to be accessed. This is in the GPO
and if you let me know what version of Windows Domain you have, we can
detail exactly where.

Carolyn Ryll
Sr. Security Consultant
CISSP, MSCS, MBA
Alternative Technology, Inc.
24 Inverness Place East
Englewood, CO 80112
Toll-free: 800-544-7674 ext 2426
http://www.alttech.com/support/index.php

Note: This correspondence may contain confidential and/or privileged
material and is only transmitted for the intended recipient. Any review,
retransmission, conversion to hard copy, copying, reproduction,
circulation, publication, dissemination or other use of, or taking of
any action, or omission to take action, in reliance upon this
information by persons or entities other than the intended recipient is
prohibited. If you have received this message in error, please contact
the sender and delete the material from any computer, disk drive,
diskette, or other storage device or media.

-----Original Message-----
From: Kenzo [mailto:kenzo_chin () hotmail com]
Sent: Tuesday, October 19, 2004 10:51 AM
To: security-basics () securityfocus com
Subject: breakout of citrix

I was wondering if anyone has seen this and if there is a fix for this.
basically this is what's happening.
We have a test citrix environment serving couple apps.
The clients can either connect using the windows ica client or thru a
WYSE terminal.
In both case the same thing happens.
One particular app that we provide is MS word.
I discovered that if you insert a link into the work document such as
"c:\"
and click on it.
Citrix freaks out, then gives you the desktop of the citrix server.
> From there you can do access what ever programs you want.

Any ideas on how to fix this??

Thanks.