|
midrange.com
Dave,
I agree with Phil's assessment of the benefits gained on securing the sign-on
display by properly controlling the LMTCPB parameter of your users.
John was right to point out the limitation of this control with regard to
remote access, however, Phil was indeed addressing the question at hand
regarding the ability to control command line usage within the traditional
display session environment.
BTW, if you do end up extrapolating this issue out to the remote access (exit
point) security arena, be sure to do your homework before choosing an exit
program vendor. I know of some deficiencies and usability issues with some of
them. Feel free to contact me offline if you would like to know more.
Best regards,
Steven W. Martinson, CISSP, CISM
Consultant - Servique, LLC
Cell 281.546.9836
www.servique.com
4801 Woodway Drive, Suite 300E
Houston, TX 77056
"Uniquely Qualified"
---------------------------------
All-new Yahoo! Mail - Fire up a more powerful email and get things done faster.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
