RE: Protecting Home Machines

["David Gillett" <gillettdavid () fhda edu>]

  Nachi infects by way of the same vulnerability as MSBlast.
In addition to reinstalling the *OS*, you needed to install the
various security patches to bring it up to date.

David Gillett


> -----Original Message-----
> From: Cherian M. Palayoor [mailto:cpalayoor () cwalkergroup com]
> Sent: November 20, 2003 11:23
> To: security-basics () securityfocus com
> Subject: Protecting Home Machines
>
>
>
> I have a remote user whose laptop was severely infected by the trojans
> MSBLAST & WiNSHOW.A.
>
> I reinstalled the OS on the machine following a complete reformat, and
> installed an anti-virus with the latest update. I ran a 
> complete scan on the
> machine prior to shipping the machine back to the user.
>
> However as soon as the user took back the machine home, he 
> was infected by
> another worm (NACHI.A) within a few minutes of connecting to 
> the internet
> through his high speed cable modem. He swears that he had not 
> downloaded
> anything nor tried any removable media on this machine.
>
> Following a bit of research on the matter, I am now aware 
> that it is possible
> for machines to get infected on the fly especially through 
> unprotected home
> internet connections.
>
> The question is, "What do I do to prevent such occurrences which have
> increased of late."
>
> My thanks in advance for any thoughts or words of advise. 
>
>
> CP
>
>
> --------------------------------------------------------------
> -------------
> --------------------------------------------------------------
> --------------

---------------------------------------------------------------------------
----------------------------------------------------------------------------