PaulDotCom mailing list archives
Re: LAN Virus outbreak Procedures
From: d4ncingd4n () gmail com
Date: Thu, 2 Sep 2010 23:16:13 +0000
If you know the name of the executable files, you may be able to use a software restriction policy in Active Directory to kill or limit the virus. Try to determine the infection mechanism. Don't forget to check any backup media, USB keys, etc. to prevent reinfection. If you can isolate infected hosts as Russell mentioned, it will make it easier.

As far as prevention, make sure the users are running with least user privileges, remove unneeded software from the machines, keep ALL software patched, not just MS products (removal of unneeded software makes this easier), disable unneeded services, use different administrator passwords for each local machine if possible (to stop worms and pass the hash), segment critical machines (911) from web surfing machines on the network, etc.

*User education*. Use this episode to illustrate the risks. (Do you really want someone to die because 911 is down because you infected your machine playing Farmville?)

Good luck!

Bart

Sent from my Verizon Wireless BlackBerry

-----Original Message-----
From: Tyler Robinson <pcimpressions () gmail com>
Sender: pauldotcom-bounces () mail pauldotcom com
Date: Thu, 2 Sep 2010 13:24:11
To: PaulDotCom Security Weekly Mailing List <pauldotcom () mail pauldotcom com>
Reply-To: PaulDotCom Security Weekly Mailing List <pauldotcom () mail pauldotcom com>
Subject: Re: [Pauldotcom] LAN Virus outbreak Procedures

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com