Security Basics mailing list archives
RE: Protecting Home Machines
From: "Nicholson, Dale" <DNicholson () APACMail com>
Date: Mon, 24 Nov 2003 11:23:22 -0600
Note that if you don't install a firewall before connecting to the internet to download windows updates you will probably be infected before you have the chance to complete the downloads. Just last week I re-dropped a laptop with w2k pro. I installed Tiny and AVG before connecting. Within 30 seconds of being online Tiny was throwing up dozens of alerts, one of which looked like nachi. -----Original Message----- From: David Gillett [mailto:gillettdavid () fhda edu] Sent: Thursday, November 20, 2003 8:22 PM To: 'Cherian M. Palayoor'; security-basics () securityfocus com Subject: RE: Protecting Home Machines Nachi infects by way of the same vulnerability as MSBlast. In addition to reinstalling the *OS*, you needed to install the various security patches to bring it up to date. David Gillett
-----Original Message----- From: Cherian M. Palayoor [mailto:cpalayoor () cwalkergroup com] Sent: November 20, 2003 11:23 To: security-basics () securityfocus com Subject: Protecting Home Machines I have a remote user whose laptop was severely infected by the trojans MSBLAST & WiNSHOW.A. I reinstalled the OS on the machine following a complete reformat, and installed an anti-virus with the latest update. I ran a complete scan on the machine prior to shipping the machine back to the user. However as soon as the user took back the machine home, he was infected by another worm (NACHI.A) within a few minutes of connecting to the internet through his high speed cable modem. He swears that he had not downloaded anything nor tried any removable media on this machine. Following a bit of research on the matter, I am now aware that it is possible for machines to get infected on the fly especially through unprotected home internet connections. The question is, "What do I do to prevent such occurrences which have increased of late." My thanks in advance for any thoughts or words of advise. CP -------------------------------------------------------------- ------------- -------------------------------------------------------------- --------------
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: Information Security Presentations., (continued)
- Re: Information Security Presentations. Johannes B. Ullrich (Nov 23)
- Re: Protecting Home Machines AragonX (Nov 26)
- Protecting Home Machines Sys Sec (Nov 21)
- RE: Protecting Home Machines Jonathan Pesce (Nov 21)
- Re: Protecting Home Machines tomasfrota (Nov 23)
- RE: Protecting Home Machines Guillaume Lavoix (Nov 21)
- RE: Protecting Home Machines James Tusini (Nov 21)
- RE: Protecting Home Machines Hays Jim. (Nov 21)
- Re: Protecting Home Machines Carl_Foote (Nov 21)
- Re: Protecting Home Machines Mateus I (Nov 24)
- RE: Protecting Home Machines Nicholson, Dale (Nov 24)