January 13th, 2004, 12:11 PM
Avoid worms with these seven steps.
Most successful worm infestations can be avoided by taking a few simple precautions. Although you shouldn't expect total safety, these steps will help you get close. And don't just follow these steps once; constant vigilance is the key.
Never expose an unpatched, nonupdated computer or other device to the Internet.
Always use a firewall between your enterprise and the Internet. Use firewalls between portions of your network and, where possible, use software firewalls on each machine.
Train your users. Many a good network has been undone by careless users who download infected e-mail, visit infected Web sites, or bring infected machines into a network from outside.
Patch and update machines frequently. Yes, it's a pain, and it may require time for testing as well as patching. But it's probably easier and cheaper than trying to fix an infestation, or explaining to business partners how you infected their system through the VPN connection.
Require up-to-date antivirus software on every machine. These packages also protect against worms.
Create, enforce and audit your security policies. You must have rules, and they must be enforced for all users. Audit employee compliance with the rules and get high-level support for mandating that compliance.
Frequently check your enterprise for vulnerabilities. Visit vulnerability Web sites, take advantage of free scanning tools on the Internet, and invest in vulnerability scanners if you have a large network. New vulnerabilities and new exploits crop up constantly, and you can't protect against them if you don't know about them.
Don\'t Be So HumblE>>>>
You aRe N0T tHaT GreaT<<<<
January 28th, 2004, 09:42 PM
"Never expose an unpatched, nonupdated computer or other device to the Internet. "
-- I think we all know this, but what about someone who has never heard of a Windows Update.
January 28th, 2004, 10:17 PM
Just one more thing.
Almost all protect programs need to be installed.
It means that path to programs are know and some chages there, makes chrash of system.
Process list can be used to find running protect programs and shutdowing of them or some parts of them. // Thats make you securety very bad //
If you want to prevet that vs new worms or other damages.
1) you must have back up
2) some protect programs that can be updated via some scheulder automaticaly and that dont need to be installed that you can have on some flash USB. If you are using just one PC. Or just transfer them to damaged PC on some write protected // t.ex. CD // that you burned on other PC with updated non need install programs //
Q. where can if them?
// too far away outside of limit
January 29th, 2004, 01:38 AM
Another thing that's good:
Use a limited user account unless you have to be logged in as an admin or root to do something. If at all possible, use the su or runas command to perform administrative tasks, rather than just logging on as root/admin.
Also, on Win2K/XP boxes, make sure only SYSTEM, Local Service, and the admin accounts have full access to WINNT\System32 and other sensitive parts of the system (like the registry). Any other accounts should have read only, with the obvious exceptions of the Guest and hidden accounts, which should have no access (and preferably no accounts )
This will help secure the system when used in tandem with each other by ensuring that if a virus enters the system you don't have the authority to modify system files (Because you are a limited user) nor will a process be able to modify registry keys (unless it uses another process that is running under system or local service).
It's not fullproof, but every little bit counts!