Fighting Back Against Malware

**Kalim** · 03-01-2007, 11:21 AM

This was published by Symantec September 2006, mainly for Enterprises as thats more of a crucial setting than home users. But nevertheless it covers everyone with Internet access, and it well reinforces what ASAP analysts and knowledgeable users usually recommend: http://www.symantec.com/enterprise/l...gainst_malware

Main points in summary:

"Besides keeping up-to-date on the latest threats and threat variants, enterprise users are encouraged to adopt the following "best practices" to prevent infection:

* Employ defense-in-depth strategies, which emphasize multiple, overlapping, and mutually supportive defensive systems to guard against single-point failures. This should include the deployment of antivirus, firewalls, intrusion detection, and intrusion protection systems on client systems.
* Turn off and remove services that are not needed.
* If malicious code or some other threat exploits one or more network services, disable or block access to those services until a patch is applied.
* Always keep patch levels up-to-date, especially on computers that host public services and are accessible through the firewall (such as HTTP, FTP, mail, and DNS services).
* Enforce an effective password policy.
* Configure mail servers to block or remove email that contains file attachments that are commonly used to spread viruses (such as .VBS, .BAT, .EXE, .PIF, and .SCR files).
* Isolate infected computers quickly to prevent the risk of further infection within the organization.
* Train employees to not open attachments unless they are expected and come from a known and trusted source, and to not execute software that is downloaded from the Internet unless it has been scanned for viruses."

03-01-2007, 11:21 AM	#1 (permalink)
Kalim Roaming To Help Join Date: Nov 2006 Posts: 5,642 OS: Many	Fighting Back Against Malware This was published by Symantec September 2006, mainly for Enterprises as thats more of a crucial setting than home users. But nevertheless it covers everyone with Internet access, and it well reinforces what ASAP analysts and knowledgeable users usually recommend: http://www.symantec.com/enterprise/l...gainst_malware Main points in summary: "Besides keeping up-to-date on the latest threats and threat variants, enterprise users are encouraged to adopt the following "best practices" to prevent infection: * Employ defense-in-depth strategies, which emphasize multiple, overlapping, and mutually supportive defensive systems to guard against single-point failures. This should include the deployment of antivirus, firewalls, intrusion detection, and intrusion protection systems on client systems. * Turn off and remove services that are not needed. * If malicious code or some other threat exploits one or more network services, disable or block access to those services until a patch is applied. * Always keep patch levels up-to-date, especially on computers that host public services and are accessible through the firewall (such as HTTP, FTP, mail, and DNS services). * Enforce an effective password policy. * Configure mail servers to block or remove email that contains file attachments that are commonly used to spread viruses (such as .VBS, .BAT, .EXE, .PIF, and .SCR files). * Isolate infected computers quickly to prevent the risk of further infection within the organization. * Train employees to not open attachments unless they are expected and come from a known and trusted source, and to not execute software that is downloaded from the Internet unless it has been scanned for viruses."