Home page logo
/

basics logo Security Basics mailing list archives

Re: Protecting Home Machines
From: "AragonX" <aragonx () dcsnow com>
Date: Wed, 26 Nov 2003 07:47:50 -0500 (EST)

<quote who="Cherian M. Palayoor">

I have a remote user whose laptop was severely infected by the trojans
MSBLAST & WiNSHOW.A.

I reinstalled the OS on the machine following a complete reformat, and
installed an anti-virus with the latest update. I ran a complete scan on
the
machine prior to shipping the machine back to the user.

The question is, "What do I do to prevent such occurrences which have
increased of late."

You have gotten a lot of good suggestions so far.  A few areas have been
left out though.  I'll try to wrap it all up.

1)  Reinstall the OS

2)  Install all security patches released by the Manufacturer.  Here is
the key:  Set Windows to automatically download and apply the patches! 
Users are really bad about doing this, so you have to make sure the
machine does it automatically.

3)  Get a hardware firewall to sit between the cable modem and the laptop.
 Again, make sure the software automatically updates itself.

4)  Install a personal firewall on the user's system, configure it and
show them how to use it.  Auto-update!!!

5)  Install a good anti-virus program.  Auto-update!!!

6)  If your company does not use Outlook, uninstall it.

7)  Use Mozilla as your browser.  Actually, use anything BUT IE.

8)  Don't give the user Admin rights.

9)  Use a secure email program that either does not process HTML or is
very selective about what HTML it does process.  It should never
automatically display referenced images.  Even embedded images can be a
security risk but that is rarely exploited.  It should also not process
any scripting languages (like VBA, Java etc).

10)  Continual user education.

That's about all I can think of.  The major point is:  Keep the machine
updated.  Users don't often see the need to do this step.

Following the above suggestions will give you a level of protection but
your user can throw a wrench in the gears.  He/she has to understand what
can cause a compromise on his system etc.


---------------------------------------------------------------------------
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault