Status
Not open for further replies.
1 - 5 of 5 Posts

·
Registered
Joined
·
1,481 Posts
Discussion Starter #1
Borrowed from an interesting forum...at http://board.security4testing.com/viewthread.php?tid=17194

The info is out there if you look hard enough ...he (JimX) makes good points and anyone fighting the front line of system security should adopt some if not all of it...:bandit:

Thought this might be helpful for preventing trojan infection...

Guidelines for network administrators

Have a strict policy in your organisation that downloading executables and documents from the net is unacceptable, and that anything that runs in your organisation has to be virus-checked and approved first. Unsolicited executables/documents/spreadsheets etc. should not be run inside any organisation. If you don't know that something is virus-free assume it isn't. Ideally, staff should not be allowed to have anything they don't actually need. However, you might want to consider providing a selection of games/screen savers for staff to use which have been virus-checked.
Block any unwanted file types at the email gateway. Viruses often use file types such as VBS, SHS, EXE, SCR, CHM and BAT to spread. It is unlikely that your organisation will ever need to receive files of these types from the outside. If this is the case Sophos recommends blocking all of them at the email gateway - whether they are virus infected or not.
Some viruses attempt to disguise their true executable nature by using "double extensions". Files such as LOVE-LETTER-FOR-YOU.TXT.VBS or ANNAKOURNIKOVA.JPG.VBS may appear to be harmless graphic or ASCII text files at first glance at the file name. Sophos recommends blocking any file which has "double extensions" from entering an organisation.
Hoax virus warnings and chain letter emails can be as disruptive as viruses themselves. Aside from spreading misinformation and wasting staff time and resources, it can be very embarrassing for your organisation if an employee forwards these to contacts or customers. A firm hoax policy such as this should be put in place:

"You shall not forward any virus warnings of any kind to anyone other than <insert name of the department or staff member who looks after anti-virus issues>. It doesn't matter if the virus warnings have come from an anti-virus vendor or been confirmed by any large computer company or your best friend. All virus warnings should be sent to <insert name>, and <insert name> alone. It is <insert name>'s job to send round all virus warnings, and a virus warning that comes from any other source should be ignored."

You may also like to consider adding a live hoax information feed to your website or intranet.
If you don't need Windows Scripting Host, turn it off.
Change the CMOS bootup sequence so that rather than booting from drive A: if you leave a floppy in your machine, you boot by default from drive C: instead. This should stop all pure boot sector viruses (like Form, CMOS4, AntiCMOS, Monkey, etc) from infecting you. Should you need to boot from a floppy disk the CMOS can easily be switched back.
Make regular backups of important work and data, and check that the backups were successful.
Subscribe to an email alert service that warns you about new, in-the-wild, viruses. At the same time consider adding a live virus information feed to your website or intranet to ensure your users know about the very latest computer viruses.
Keep an eye on Microsoft's security bulletins. These warn of new security loopholes and issues with Microsoft's software.
Produce a set of guidelines and policies for safe computing and distribute them amongst staff. Make sure that every employee has read and understood them and that if they do have any questions they know who to speak to. You may want to base these on the Sophos user guidelines below.



Guidelines for users

Use Rich Text Format instead of DOC files which can harbour viruses. You can automatically save all of your Word documents as RTF by selecting Tools|Options|Save and choosing Rich Text Format as the default format from the drop down menu.
Do not run, download or forward any unsolicited executables, documents, spreadsheets, etc. Anything that runs on your PC should be virus checked and approved first.
Any email you weren't expecting should be treated with suspicion, even if it comes from someone you know. It is worth calling whoever sent it to you to check that they intended to send you the email.
Do not open any files with a double file extension (e.g. iamavirus.txt.vbs). Under normal circumstances you should never need to receive or use these.
Do not download executables or documents from the internet. These are often used to spread computer viruses.
Although JPG, GIF and MP3 files cannot be infected with a virus, viruses can be disguised as these file types. Jokes, pictures, graphics, screensavers and movie files should be treated with the same amount of suspicion as other file types.
If in doubt, always ask your IT department for advice; do not open the file or email.
If you think you have been infected with a virus inform your IT department immediately. Do not panic or interrupt other users.
Any virus warnings or hoaxes should be sent to the IT department who can confirm whether or not it is genuine. Do not forward these warnings to anyone else; unless you are signed up to an official virus alert service it is unlikely to be a genuine warning.
If you have to work at home ensure that you follow the same procedures there as you do at work. Viruses can easily be brought into an organisation along with work that has been done on a home PC.

Anti-virus software will prevent the vast majority of viruses from entering an organisation but it is not fool-proof. It is your responsibility to ensure that you don't get infected with a computer virus.
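
The two gateway rules in the guidelines above (block the listed file types, block double extensions), sketched as an added example that is not part of the original post or of any Sophos product. The `EXT_LIKE` pattern for what counts as an extension, the function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string, policy
import re

BLOCKED = {"vbs", "shs", "exe", "scr", "chm", "bat"}  # file types named in the guidelines
EXT_LIKE = re.compile(r"^(?=.*[a-z])[a-z0-9]{2,4}$")   # assumed shape of an extension

def check_filename(name):
    """Return the gateway rules that an attachment filename violates."""
    # Windows ignores trailing dots and spaces, so "x.vbs. " still opens as .vbs
    cleaned = name.strip().rstrip(". ").lower()
    parts = cleaned.split(".")
    reasons = []
    if len(parts) >= 2 and parts[-1] in BLOCKED:
        reasons.append("blocked-type")
    # Double extension: the last two dot-separated parts both look like extensions
    if len(parts) >= 3 and EXT_LIKE.match(parts[-1]) and EXT_LIKE.match(parts[-2]):
        reasons.append("double-extension")
    return reasons

def scan_message(raw):
    """Map each offending attachment filename in a raw message to its violations."""
    msg = message_from_string(raw, policy=policy.default)
    findings = {}
    for part in msg.walk():
        filename = part.get_filename()  # None for parts that are not attachments
        if filename and check_filename(filename):
            findings[filename] = check_filename(filename)
    return findings

# Constructed sample message: three attachments with placeholder bodies
SAMPLE = """\
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="BOUND"

--BOUND
Content-Disposition: attachment; filename="LOVE-LETTER-FOR-YOU.TXT.VBS"

placeholder
--BOUND
Content-Disposition: attachment; filename="minutes.rtf"

placeholder
--BOUND
Content-Disposition: attachment; filename="setup.EXE"

placeholder
--BOUND--
"""

if __name__ == "__main__":
    print(scan_message(SAMPLE))
```

Because the rule is "block any double extension", names such as `report.v2.pdf` are also flagged; a gateway that must accept them needs an explicit allow-list.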
 

·
Registered
Joined
·
1,393 Posts
While all of this is great for network security ... this guy needs to wake up! The best network security would be not to allow anyone on the network and not to allow anyone to do anything with their PCs!

This is not the real world. In the real world, it's hard just getting users not to pick a network password that is something like JobBob1 or stupidpassword.

In the real world EVERYONE uses Microsoft Office. Come on, get someone to change the file type to a .rtf instead of a .doc? Yeah, right. Most users don't even understand what file types are.

These security measures, while pretty secure, are pretty draconian. In the real world, IT doesn't control the IT environment - IT answers to the business units who tell IT what they want and how they want it. Usually, IMHO, IT will then tell them how much it will cost and some sort of compromise is worked out.

My $.02

:drunk:
 

·
Registered
Joined
·
283 Posts
I totally agree with Psuedocyber!!!!

In the real world end users cannot comprehend changing file extensions. All they want is to be able to get to files, read emails, and print. They don't care about security.

How could an end user change the file extension when they can't even change their background settings? All they want to do is to be able to hit the save icon and be able to open it whenever they want with the least amount of hassle.

But some of the points are good. Thanks Doonz.:winkgrin:
 