Re : Block simulteneuos logons

[abdelhakim aliane <hakim_al () yahoo fr>]

Hi, have you tried this tool, it is my favorite one in users logons management : Userlock at 
http://www.isdecisions.com/en/

Regards,
Aliane.



----- Message d'origine ----
De : Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
À : security-basics () securityfocus com
Envoyé le : Mercredi, 7 Novembre 2007, 19h07mn 34s
Objet : Re: Block simulteneuos logons

On 2007-11-07 jd () eyesizwe co za wrote:
> I need assistance with the following query.. My company has a lot of
> remote access users and the problem that I am having is that most of
> my users use their AD accounts simulteneously. What I mean is that my
> users have dialing access and dial back options and what they do is
> they allow their family members to use their accounts during the day
> while they are at work working. So what I want to do is to block or
> allow only single logon for all users on the network. I want my
 system
> to be able to detect if the user has already logged on be either by
> dialup or network and deny the 2nd logon. what solutions can I
> implement?

Your users should not give their families access to company resources
 as
that raises both security and legal problems. This is a social problem,
which shouldn't be addressed by technical measures alone.

Suggest to your management to write up a policy that prohibits private
use of corporate resources and have the users sign it. Make clear to
your users that repeated violation of said policy will lead to
unemployment (also explain to them why they should not allow their
families to use company resources). Monitor successful logons to detect
policy violations.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq





      _____________________________________________________________________________ 
Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo! Mail