Security Basics mailing list archives
RE: adding another defence layer against viruses/worms
From: Juan B <juanbabi () yahoo com>
Date: Tue, 1 Dec 2009 18:13:25 -0800 (PST)
Ok I will take look on the AV, they have now symentec. They have windows 2003 servers and xp as pc's. what you suggest implementing with GPO to elevate the security of the pc's? today they use GPO only to block the screen after 15 minutes of none use. And they need the USB and cd to transefer pictures they really need to use for work tasks. Must of the users don’t have admin rights on there machines. What else can I implenet to elevate the security? They implent patches throw WSUS and keep the pc's updated. Maybe to use the FW feature of the AV? You have a security template you can send me? Thanks for your answer. juan -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Quark Group - Hilton Travis Sent: Friday, November 27, 2009 5:38 PM To: security-basics () securityfocus com Subject: RE: adding another defence layer against viruses/worms G'day Juan, The best move would be to deploy a good AV product instead of whichever one you're currently running. The best one around now (and since about 1999) is still NOD32, however you cannot run the latest version on Servers also running Microsoft Exchange as the Eset guys seem to have deemed Exchange not worth updating for - their current version is 4.x however the latest Exchange version is 2.7x, meaning you need to run an ancient version on Windows Server boxes running Exchange - something I honestly cannot understand why they have left this way. Aside from that issue, NOD32 has the best heuristics, best detection rates and outstandingly low false positive rates *even* when Heuristics have been cranked up to the highest level. So, I'd look at fixing the broken AV issue at the source, then look at other ways to implement better control of the remote PCs, such as distributed AD controllers and using GPO for what it was designed for - control of servers and desktops on the domain. -- http://hiltont.blogspot.com/ Regards, Hilton Travis Phone: +61 (0)7 3105 9101 (Brisbane, Australia) Phone: +61 (0)419 792 394 Manager, Quark IT http://www.quarkit.com.au Quark Group http://www.quarkgroup.com.au War doesn't determine who is right. War determines who is left.
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Juan B Sent: Wednesday, 25 November 2009 12:04 AM To: security-basics () securityfocus com Subject: adding another defence layer against viruses/worms Hi all, I'm doing some security consulting for a client. this client have around 30 remote branches connected to his core. the problem is that sometimes the AV fails to detect new viruses/worms coming from those branches so those viruses/worms mess up his LAN.another problem is that the the client doesn't have much of control over the remote PCs in the branches. so I thought about adding another layer of defence in which we will add an IPS (which Ips detects also viruses/worms??) which will filter and scan all traffic coming from the branches. I just wonder if you guys agree with my suggestion. any comments will be welcomed. BTW, any recomendations for the IPS? thanks a lot juan
This document and any attachments are for the intended recipient only. It may contain confidential, privileged or copyright material which must not be disclosed or distributed without prior approval. Quark Group Pty Ltd :: ABN 23 114 975 772 Trading As Quark AudioVisual, Quark Automation, Quark IT ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ -------------------------------------------------------------------------------- << ella for Spam Control >> has removed 2595 Spam messages and set aside 0 Newsletters for me You can use it too - and it's FREE! www.ellaforspam.com ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: adding another defence layer against viruses/worms Juan B (Dec 01)
- <Possible follow-ups>
- RE: adding another defence layer against viruses/worms Quark Group - Hilton Travis (Dec 01)
- Re: adding another defence layer against viruses/worms Nathan ONeal (Dec 01)
- RE: adding another defence layer against viruses/worms Juan B (Dec 03)
- RE: adding another defence layer against viruses/worms Juan B (Dec 03)
- Re: adding another defence layer against viruses/worms Kraig Babin (Dec 03)