Security Basics mailing list archives

Fwd: Help with guidlines

From: "Chris Barber" <cmbarber () gmail com>
Date: Wed, 6 Dec 2006 16:33:23 -0700

Hi all,

First I would like to apologize if this has been asked and answered on
the list before.

Here is my situation:  I work for a very large organization with
several "IT Departments".  There is the Enterprise IT staff and they
are in charge of all services and functions that are company wide,
E-Mail, Internet Access, Network infrastructure, Network security,
etc.  The other departments then have there own LAN Admin staff that
handle the day to day network activities.  I am relatively new to the
company and have recently learned that the LAN Admin staff for the
different departments all handle things in their own way, not always
following best practices.

The latest disaster was just a few days ago when our sales dept. LAN
admins were setting up 50 new laptops for the sales force.  All 50
laptops were on the network while 3 LAN Admins rotated from unit to
unit installing updates and new software.  Don't ask me why they were
doing this the hard way, but they were.  Now, one of the LAN admins
from Product development came to me with an issue he was having with a
programmers Laptop.  The Programmer brought it in and said that it was
"Acting funny".  When I asked him what he had done so far, his
response was "After connecting it to the network, I looked at the DHCP
settings, then started a defrag, and poked around in the control
panel, Add/remove programs, etc.  I have been working on the PC for
several hours now, and..."

My jaw hit the floor.  Yeah, we now have 50 brand spanking new Laptops
hot off the truck from Dell, all of them infected with... well as it
turns out only 5 different virus/worms.

Enough of my ramblings and to the point of my E-Mail to the group...
Does anyone have a set of written guidelines or whathaveyou that they
would be willing to share with me and/or the group or point me in the
direction of a web site that has something to get me started it would
be most appreciated.

Thanks in advance
(Professionally Frustrated)
Chris.

---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------

Current thread:

Fwd: Help with guidlines Chris Barber (Dec 07)
- RE: Help with guidlines David Gillett (Dec 08)
- Re: Help with guidlines Justin Lintz (Dec 08)
  - Re: Help with guidlines Chris Barber (Dec 08)
- <Possible follow-ups>
- RE: Help with guidlines Mark Palmer (Dec 08)
- Re: Re: Help with guidlines krymson (Dec 12)