Security Basics mailing list archives
Re: Protecting Home Machines
From: "AragonX" <aragonx () dcsnow com>
Date: Wed, 26 Nov 2003 07:47:50 -0500 (EST)
<quote who="Cherian M. Palayoor">
I have a remote user whose laptop was severely infected by the trojans MSBLAST & WiNSHOW.A. I reinstalled the OS on the machine following a complete reformat, and installed an anti-virus with the latest update. I ran a complete scan on the machine prior to shipping the machine back to the user. The question is, "What do I do to prevent such occurrences which have increased of late."
You have gotten a lot of good suggestions so far. A few areas have been left out though. I'll try to wrap it all up. 1) Reinstall the OS 2) Install all security patches released by the Manufacturer. Here is the key: Set Windows to automatically download and apply the patches! Users are really bad about doing this, so you have to make sure the machine does it automatically. 3) Get a hardware firewall to sit between the cable modem and the laptop. Again, make sure the software automatically updates itself. 4) Install a personal firewall on the user's system, configure it and show them how to use it. Auto-update!!! 5) Install a good anti-virus program. Auto-update!!! 6) If your company does not use Outlook, uninstall it. 7) Use Mozilla as your browser. Actually, use anything BUT IE. 8) Don't give the user Admin rights. 9) Use a secure email program that either does not process HTML or is very selective about what HTML it does process. It should never automatically display referenced images. Even embedded images can be a security risk but that is rarely exploited. It should also not process any scripting languages (like VBA, Java etc). 10) Continual user education. That's about all I can think of. The major point is: Keep the machine updated. Users don't often see the need to do this step. Following the above suggestions will give you a level of protection but your user can throw a wrench in the gears. He/she has to understand what can cause a compromise on his system etc. --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Protecting Home Machines Cherian M. Palayoor (Nov 20)
- RE: Protecting Home Machines David Gillett (Nov 21)
- Re: Protecting Home Machines Vishal (Nov 21)
- Re: Protecting Home Machines Byron Sonne (Nov 21)
- Re: Protecting Home Machines Don Voss (Nov 21)
- RE: Protecting Home Machines Wayne S. Ackley (Nov 21)
- Re: Protecting Home Machines Burak Bilen (Nov 21)
- Information Security Presentations. John Sm (Nov 21)
- Re: Information Security Presentations. Johannes B. Ullrich (Nov 23)
- Information Security Presentations. John Sm (Nov 21)
- Re: Protecting Home Machines AragonX (Nov 26)
- <Possible follow-ups>
- Protecting Home Machines Sys Sec (Nov 21)
- RE: Protecting Home Machines Jonathan Pesce (Nov 21)
- Re: Protecting Home Machines tomasfrota (Nov 23)
- RE: Protecting Home Machines Guillaume Lavoix (Nov 21)
- RE: Protecting Home Machines James Tusini (Nov 21)
- RE: Protecting Home Machines Hays Jim. (Nov 21)
- Re: Protecting Home Machines Carl_Foote (Nov 21)
- Re: Protecting Home Machines Mateus I (Nov 24)
- RE: Protecting Home Machines Nicholson, Dale (Nov 24)