Security Basics mailing list archives
Re: Protecting Home Machines
From: Carl_Foote () cyro com
Date: Fri, 21 Nov 2003 15:59:54 -0500
There is an approach we use that has yielded good results. All company laptops are configured for VPN. All Laptops have Norton corporate installed with update management. All have Cisco Security agent installed for laptop protection. This has prevented alot of the issues you mentioned. That and a firm wrist slapping when they misuse the equipment. There are company policies in place and we do not allow for many exceptions, unless shareholder value is involved. Carl Foote, CCNA Don Voss <voss () albany edu> To: "Cherian M. Palayoor" <cpalayoor () cwalkergroup com> cc: security-basics () securityfocus com 11/21/2003 05:57 Subject: Re: Protecting Home Machines AM Cherian, Non trivial question. I have been trying to keep home laptops stable here also. The best I can do is some education. They are, for the most part personally owned .. or treated that way most times. If they bring them in for a dhcp connection in their offices .. I have to authorize the mac > ip to get them on .. thats when I patch, patch, patch .. + make sure virus protection is loaded, current. The patches should take care of the known .. the new ones we are all open to. We use norton corp version. This is where virus crosses over to worms .. I do not care to debate the descriptions .. hostile is hostile. I have a simple setup at home: cable modem .. a linksys .. closed down as much as I know how .. and the machines use it's nat. Currently patched and with norton material. Very non-tech users [my family] .. so far so good. I have considered something like this to recommend to faculty but they would not consider it .. the smart ones ask what I do. To roll a procedure out as a policy is the real question .. which I would like to hear what other larger places are doing. One would need to "own" the laptop .. vpn material ? virus protection, what else ? Can they be screened when it comes in and attach to a domain .. push patches, etc. /don Cherian M. Palayoor wrote:
I have a remote user whose laptop was severely infected by the trojans MSBLAST & WiNSHOW.A. I reinstalled the OS on the machine following a complete reformat, and installed an anti-virus with the latest update. I ran a complete scan on
the
machine prior to shipping the machine back to the user. However as soon as the user took back the machine home, he was infected
by
another worm (NACHI.A) within a few minutes of connecting to the internet through his high speed cable modem. He swears that he had not downloaded anything nor tried any removable media on this machine. Following a bit of research on the matter, I am now aware that it is
possible
for machines to get infected on the fly especially through unprotected
home
internet connections. The question is, "What do I do to prevent such occurrences which have increased of late." My thanks in advance for any thoughts or words of advise. CP
---------------------------------------------------------------------------
----------------------------------------------------------------------------
--------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: Protecting Home Machines, (continued)
- Re: Protecting Home Machines Burak Bilen (Nov 21)
- Information Security Presentations. John Sm (Nov 21)
- Re: Information Security Presentations. Johannes B. Ullrich (Nov 23)
- Information Security Presentations. John Sm (Nov 21)
- Re: Protecting Home Machines AragonX (Nov 26)
- Protecting Home Machines Sys Sec (Nov 21)
- RE: Protecting Home Machines Jonathan Pesce (Nov 21)
- Re: Protecting Home Machines tomasfrota (Nov 23)
- RE: Protecting Home Machines Guillaume Lavoix (Nov 21)
- RE: Protecting Home Machines James Tusini (Nov 21)
- RE: Protecting Home Machines Hays Jim. (Nov 21)
- Re: Protecting Home Machines Carl_Foote (Nov 21)
- Re: Protecting Home Machines Mateus I (Nov 24)
- RE: Protecting Home Machines Nicholson, Dale (Nov 24)
- Re: Protecting Home Machines Burak Bilen (Nov 21)