Educause Security Discussion mailing list archives
Re: Brief Survey On Handling Hacked Machines
From: dennis <dennis () VALTX COM>
Date: Thu, 24 Oct 2002 18:18:26 -0400
Rich Travsky and Educause Security Members, Free Evaluation Security unit to Educause members In response to your questions on Desktop Security my company, Valt.X Technologies of Toronto manufactures a new hardware device called the Storage Firewall. With the Storage Firewall there is no such thing as your machines becoming compromised - you just press the reset button to automatically eliminate Viruses, Hacker Exploits, Spyware, and unauthorized user changes including programs. We will give you back control of your computers. Recovery is automatic and instant. It's a Hardware device - no software - no drivers - no updates - no maintenance and it works with any PC based OS - current or future - including all Windows, Unix, Linux, OS2, BEOS and Dos - yes it works with Dos. I am inviting any Educause Security Group member that wants to evaluate our innovative device to just email me at dennis () valtx com . I will send our product information and a sample unit at no cost. Now we are a startup and I would have preferred to get paid however as Educause has been generous in allowing my participation - I feel that it is best that we ship our evaluation units at no cost to participants. Dennis Meharchand CEO, Valt.X Technologies Inc. Tel: 416-746-6669, 1-800-361-0067 -----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Richard W Travsky Sent: Thursday, October 24, 2002 5:02 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Brief Survey On Handling Hacked Machines Towards the end of summer here at the University of Wyoming we experienced a rash of IRC attacks and hacks (such as IRC BOT and IRC FLOOD) on Windows 2000 machines. These turned the machines into share points for pirated software. We experienced considerable network degradation, saturating our link. Eventually things were dealt with and are back to "normal", giving time for reflection... With that in mind, we are curious about how other universities and institutions of higher learning deal with such things and have a few questions: 1. What processes are you using to insure desktop security? Are you reactive or proactive in your approach? 2. What issues do you have? 3. Are you using firewalls/virus protection? 4. What products are you using for this? 5. Do you have a method of "pushing out" software patches/security fixes? 6. How do you handle compromised machines? (That is, a machine that has been hijacked to serve another purpose with the possibilities of backdoors etc remaining) Answers to these from our site's perspective are: 1. User education, promotion of safe computing practices, communication with users about security issues and why they're necessary. The approach is proactive but there are always things not planned for where reaction is the only means of dealing with it. 2. Issues would include such things as user compliance and education, manpower, privacy and feelings of intrusiveness (not everyone likes the IT folks doing any more poking around than necessary!) 3. Antivirus software (desktop and on mail servers), firewalls planned. 4. On the desktop we use Trend's Officescan; servers use Nortons, Sophos on mail servers. 5. We use SMS for some of our business oriented software (like Oracle and Peoplesoft) but not for patches. 6. This can depend on the degree of compromising. Rebuilding is always an option unless a clear means of removal is known. If you have a few moments, we would appreciate your responding with a line or two for these questions. Thanks for your time, Rich Travsky Division of Information Technology RTRAVSKY @ UWYO.EDU University of Wyoming (307) 766 - 3668 ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- Brief Survey On Handling Hacked Machines Richard W Travsky (Oct 24)
- <Possible follow-ups>
- Re: Brief Survey On Handling Hacked Machines dennis (Oct 24)
- Re: Brief Survey On Handling Hacked Machines Lance Jordan (Oct 29)