RE: Allowing outside users access to company Intranet (anonymous)

Giganews Newsgroups
Subject: RE: Allowing outside users access to company Intranet (anonymous)
Posted by:  mtgarden (mtgard…@discussions.microsoft.com)
Date: Tue, 16 Jan 2007

Allowing annoymous users into the network poses several assorted risks.
First, it is possible that a user will store sensitive information in a
location that is accessable accross the network.  Secondly, this could allow
a malicious user to study your network and find exploitable machines.
Thirdly, if there is any possibility of someone being able to write to your
systems, you have little reason to expect a stable environment - someone will
upload malicious code onto your systems.

The purpose of a firewall is to protect against these types of attacks.
Your best option is to solve the authetication problem.  As a secondary
response, I would recommend that you set up an ftp server or http server that
will host the files.  Put that machine outside of the firewall and use it as
a billboard for your employees to share information.  I would only allow
people inside the network to have permission to write to this box though.  It
is extremely rare that an annoymous user should have write access to a
computer.

Hope that helps.

"Larry" wrote:

> We are currently having problems with basic authentication with users trying
> to access the company intranet and I was curious if that I turned off basic
> auth and allowed anonymous access would that be a big security issue since
> the info on our intranet is not confidential.  Any thoughts would be greatly
> appreciated.

Replies

None

In response to

Allowing outside users access to company Intranet (anonymous) posted by Larry on Tue, 16 Jan 2007