Security Basics mailing list archives

RE: Protecting Home Machines


From: Guillaume Lavoix <glavoix () altadis com>
Date: Fri, 21 Nov 2003 11:28:06 +0100

That's pretty easy: install the latest security patches, downloading them
from the Windows Update website, http://windowsupdate.microsoft.com,
or, if you don't want to connect to this server because you're afraid it's
going to infect your computer, download the files using another machine
(already patched) and install them from a burnt CD-ROM, for instance.

To get the list of patches that are missing on your server, use:
hfnetchk_3.86.0.1.exe http://hfnetchk.shavlik.com/default.asp

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/hfnetchk.asp


Have a good day,
Guillaume
-----Original Message-----
From: Cherian M. Palayoor [mailto:cpalayoor () cwalkergroup com]
Sent: Thursday, 20 November 2003 20:23
To: security-basics () securityfocus com
Subject: Protecting Home Machines


I have a remote user whose laptop was severely infected by the trojans
MSBLAST & WiNSHOW.A.

I reinstalled the OS on the machine following a complete reformat, and
installed an anti-virus with the latest update. I ran a complete scan on the
machine prior to shipping the machine back to the user.

However, as soon as the user took the machine back home, he was infected by
another worm (NACHI.A) within a few minutes of connecting to the internet
through his high speed cable modem. He swears that he had not downloaded
anything nor tried any removable media on this machine.

Following a bit of research on the matter, I am now aware that it is
possible for machines to get infected on the fly, especially through
unprotected home internet connections.

The question is, "What do I do to prevent such occurrences, which have
increased of late?"

My thanks in advance for any thoughts or words of advice.


CP

