Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Basics: Re: Basic Windows Security Question

Re: Basic Windows Security Question

From: Jon Lawhead <samurai_at_berkeley.edu>
Date: Wed, 30 Mar 2005 15:52:47 -0800

I think updated antivirus, proper user permissions, and a well configured IDS would be your best
bet in security in this instance. USB drives can be very useful in many different lines of work,
and disabling their use would probably not be the wisest move. Disabling the entire USB system
would be, in my opinion, a terrible idea, as many devices interface only through USB. I would
suggest implementing an IDS that has the ability to monitor the network for virus/trojan/spyware
signs, and to disconnect offending computers from the network before infections can spread
(perhaps by moving infected computers to an unauthorized vlan). This, combined with a good
antivirus, should keep you relatively secure. Make sure to educate your employees about proper
security protocols as well, so that they know how to avoid contaminating your network. Good luck.

Jon Lawhead
Network Security Coordinator
Residential Computing, UC Berkeley

On Tue, 29 Mar 2005 16:20:46 -0500
  "Andrew McIntosh" <amcintosh_at_networkadvocates.com> wrote:
> Hello Everybody,
>
> I am curious to see the different suggestions for this scenario:
>
> Suppose you have a small company of less than 100 employees. One of the
> employees likes to bring his work home on occasion. He does so using a
> USB thumb drive. One day he catches a [virus, worm, Trojan, spyware,
> anything you can think of] at home and it winds up on his thumb drive,
> which he in turn brings to the company network.
>
> The company certainly should have anti-virus software in place, which
> would fix that problem. But what if he unknowingly loads a key logging
> program that could capture private customer information? What do you
> suggest? Here is what I could think of so far:
>
> Disable USB Port - That would solve the particular problem and create
> other problems. For instance, substitute the thumb drive with a floppy
> disk or CD. For obvious reasons you don't want to disable those as well.
>
> Restrict user permissions - That could potentially prevent a program
> from installing itself, but it would also cause the user some grief if
> they need to install programs themselves, or even do simple things like
> changing personal settings.
>
> Security Policy - Haven't looked into this yet, but maybe there is a way
> to prevent the use of thumb drives and other specific devices through
> security policy.
>
> What do you think?
>
> Thanks!
>
> ====================
> amcintosh_at_ntad.com
> ====================
>

---------------------------------------------------------------------------
Earn your MS in Information Security ONLINE
Organizations worldwide are in need of highly qualified information security
professionals. Norwich University is fulfilling this demand with its MS in
Information Security offered online. Recognized by the NSA as an
academically excellent program, NU offers you the opportunity to earn your
degree without disrupting your home or work life.

http://www.msia.norwich.edu/secfocus_en
----------------------------------------------------------------------------
Received on Mar 31 2005

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]