Originally posted by: Rogue
Well, let's dredge up some nefarious actions that someone can do using Remote Desktop.
1) Acquisition of illegal or infected files from a remote, un-managed PC which are subsequently placed on the institutionally owned PC where they wreak havoc they otherwise would not have. Simply put, it's akin to putting a second door on a bank safe made of wood. You do understand that cut and paste functions work remotely that way, right? That in itself is enough justification to stop it. I would have simply blocked the ports outgoing at the firewall to stop morons like you.
Well I could just use a USB drive, email, a webserver, a FTP server, telnet,. Might as well just make the connection upload only
2) Remote viewing of explicit images which may offend passers by. I've seen several instances where people would remote to their home computer to mask their activities while they looked at porn or conducted other activities in violation of the standing policies. All it would take it one jackass to be looking at his private stash of porn on his computer at home remotely and someone walking by to be offended. Who do you think is going to take the heat? The school will take some of it.
The same person could host an apche server make the connection encrypted and ensure that there are no bad words on the page and be able to offend anyone that passes by.
3) Remember that the connection is a two way connection, so you're tunneling traffic over that connection that the administrators may not want to come into their network. Connecting to any remote PC is a massive unknown factor and only serves to turn a network's security architecture into swiss cheese.
Any connection is a massive unknow.
4) Any unnecessary application, and let's be honest here, you're probably the only one bitching about this on the entire campus thus making it unecessary, is a vulnerability. It's the same reason that I always, always, always rip out Outlook Express on a system I build. Don't use it, don't need it and I will only have to patch it later down the line when a vulnerability comes along. You're proving ignorant of the most basic principles of computer and network security.
Of course the user might use the software, so you not using it isn't a very good excuse to be to damn lazy to update the software when bugs are discovered
Need I go on? Oh, by the way, what you've said to this point about network security is some of the most naiive and ignorant bluster I've heard on the topic in some time. You CANNOT, I repeat CANNOT remove viruses or malicious code at layers 2, 3, or 4. You can certainly see them go by in the network stream provided the virus uses a particular protocol or port or originates or travels to a known IP at which point you can mitigate the risk at those levels through access control, but none of the devices that operate at those layers can do what you mistook the Cisco sales rep for telling you. I have a top of the line Cisco network stack at my edge and I can tell you first hand that it takes far more than a switch, router and firewall to secure a network from viruses, etc. Again, your bluster is riddled with ignorance and that's okay, you're learning a lot in this thread if you'd pull your head out and stop walking forward for a second.
I'm more than willing to educate you further if you so choose, but between spidey07 and myself, I think you've had your lesson on pwnage tonight. Sleep tight tonight little one and we'll learn more tomorrrow <pats little acemcmac on the head>
Oh, one more thing. It's
CORPORATE, CORPORATIONS, and ACCOMODATE.
Facebook
Twitter