27 Comments
14 Votes
I agree with your assessment, but wanted to pass along a concern that I became aware of the hard way. You can image a drive all you want, but you have to make sure it's clean -- no sleepers. Otherwise you are right back where you started.
0 Votes
Very true
JJFitz 24th Jan 2012
After I set up a new system, I immediately create an image. Then I create a new image every week. (it's automated) If something goes wrong, I can go back to the newest clean image. It may be a pain sifting through images but it has saved me and it sure beats reinstalling the OS and starting from scratch.
6 Votes
Facebook doesn't always add up to me. Probably Baghdad.
4 Votes
Bob
admiraljkb 23rd Jan 2012
For myself personally, I run Ubuntu Desktop on bare metal, and Win7 inside a VM for the few apps that don't run under Ubuntu.
This accomplishes a couple of things.
  1. Ubuntu is more secure by default and much less targeted to boot
  2. if something happens with my Win7 "machine" from an infection (less likely to happen with it being isolated in a VM) to just a bad IT change control (just as bad), I just rollback to the last known good snapshot. Much faster than Ghost (or in my case Clonezilla).
0 Votes
+1
mckinnej 24th Jan 2012
I use the same strategy. Running the browser in something like Sandboxie is also a good thing.
20 Votes
Not very useful
JustinF 23rd Jan 2012 Top Rated
This isn't a particularly useful piece, more of a vent/rant/opinionated piece than a useful technical article, sorry.
Rambling article, which leaves the main question unanswered.
Do you get infected by just visiting facebook?
Or do you have to perform certain actions?

And why should I trust something from http://www.nu2.nu/pebuilder/??
What country is that anyway?
Don't use that idiotic online crap
I checked after reading this post, and Norton already has the protection patch out and it is loaded on any machine that has automatic live update. As I often suspect, a good virus scanner will not only catch and disable most viruses on the fly, but will clean up equally well. No need to kill this ant with a sledgehammer...
3 Votes
Since when is OpenDNS the end-all solution to content filtering in the enterprise? I've seen a handful of articles recently touting its ability to block social media, streaming video, etc...
Cause if so, I want to tell people. Also, is it Windows specific?
2 Votes
Best defense is to just open Facebook in a virtual sandbox window. Then when you open a picture or some virus-laden object, it will just remain in the sandbox never to infect your computer.
3 Votes
I also use the same technique of using one drive for the operating system only, and a second drive for data. I find it very helpful in that in the event of a catastrophic failure, I simply restore my OS from an image file. It has come to my rescue on several occasions.
4 Votes
With 45,000 infected FB accounts with this malware alone, does FB not bear any responsibility in being a haven for malware infestation?
1 Vote
Cleanup Process?
bobk1@... 24th Jan 2012
Is there a step-by-step cleanup process for Ramnit listed anywhere? If I send this out to friends, it will just scare them.
3 Votes
DLLs (Really?!)
Litehouse Updated - 24th Jan 2012
Why would we rid ourselves of DLLs? They are an important and very useful component to application development.
2 Votes
I use...
kenmo 24th Jan 2012
...a boot CD based system for all my sensitive stuff like banking, payments, etc.

When I turn it off... poof, away goes everything. I think in light of this new malware, I'll also use the same setup to access FB (in a different session from above type stuff of course) for safety's sake.

Any of the bootable Linux distros will do for the purpose.
2 Votes
Am not sure why any serious IT person would seriously condone using facebook as a form of legitimate communication. Anyone who has been through the internet revolution from its inception would agree that social media goes through phases. Facebook has just proven how not to express yourself socially. If you think that you can secure a PC through Internet Security - you can't. If you think that you can clean an infected PC - unlikely.

People it is going to get worse before it gets better. Just don't use facebook or other social media. I have been fixing PC's for 20yrs and have seen more infections through facebook than any other form of media. Case example - an older lady client of mine only emailed on her pc. She never knew what a virus was or what email spam was - NEVER. She signed up for facebook - within MINUTES she received spam... spam had links to viruses... infected.

Go get yourself a friend or two in real life, talk to them, and avoid social media.
1 Vote
Data Separation
zyzygy@... 24th Jan 2012
Data separation is a great idea in theory, but it is so hard to do in practice. Every app that runs on Windows tries to put its stuff into the C: drive by default.

If there is some magic wand to change that default I'd love to know it.
1 Vote

"A better step in the workplace is to lock out Facebook entirely, if it has no business use. There is an easy way to do this."



Banning Facebook in the enterprise is not an answer to the problem. As many I.T pro's of old would still tell you control is the admin's best friend, wrong, it's a sure-fire way to limit the user's ability to work. Also preventing them from taking small 'social' breaks risks making the average employee even less productive.

I agree that limitations have to be set for those employees that will abuse any 'open' I.T policy but banning a social network completely will make you public enemy number 1.

A next generation firewall would be my first recommendation. A unified threat management (UTM) appliance that can anti-virus scan traffic at the gateway by using several different AV vendors' offerings. Such a device can also be used to limit the time spent on social networks on an individual or group basis, with many UTMs linking with Active Directory for user management.

It's about time I.T departments and old school I.T Pro's realised that old school techniques no longer apply to a modern world.
2 Votes
I disagree
JJFitz 25th Jan 2012

"As many I.T pro's of old would still tell you control is the admin's best friend, wrong, its a sure fire way to limit the users ability to work."


I really don't care if you call me old school. Experience has shown me that if you remove control on the desktop, you decrease productivity.
Employees would install any application they wanted to create files and expect co-workers to have the expertise to use their application. Or worse, nobody could open the files their co-worker created. Then there are the games that get installed and the incompatible browsers, and the music players, and the file sharing applications, and the remote desktop sharing applications, and the stacks of toolbars in the browser.
Then they would complain that their computer was slow and ask for a replacement.
My Help Desk staff would spend most of their time undoing the mess that the users created on their desktops.
No, I don't miss those days one bit.
That being said, I don't mind it if users check in on Facebook every so often. As you say, you can put in controls (security appliances) to keep their computers out of harm's way.
But remove other controls? I say absolutely not.
0 Votes
I understand a kid thinking that the old timers are just fuddy duddys, but they have to understand that IT has a responsibility to the Executive Management, who have a responsibility to the Board of Directors who have a responsibility to the stockholders. Widespread mismanagement in IT at best will get people fired, at worst could land someone in jail, or even worse, bankrupt the company with everyone de facto "fired". A couple of high profile security breaches that are the result of Facebook worms, and you'll see the "looseygoosey" companies tighten back up real quick, along with a CIO or two released from their positions.
0 Votes
OPSYS
Gudufl 25th Jan 2012
Bob,
Your preferred system configuration: OPSYS and STORAGE. OPSYS contains OS and nothing else. Do I understand this correctly that all your application software (PROGRA~1), like word processor, spreadsheet, mail client, utilities etc. run on STORAGE? Or were you just not specific in your statement?
1 Vote
I really think your point about someone hijacking your email account from facebook can be addressed in this way. Just like you do with your hard drives, and I do too, have a secondary email address. Never use the email address you use for social media sites like facebook, for your financial data accounts. I always use a designated email account for online purchases and bill pay and a second one for facebook... etc. Also, I go further by having a third account used exclusively for banking. Even if someone were to hijack your FB account they would have no info for your other accounts.
0 Votes
1. Build your Windows machine in a virtual machine. (VirtualBox is good.)

2. Run either Linux (Ubuntu is good) or another copy of Windows as your base OS, and run VirtualBox (or other) for hosting your Windows guest.

3. Immediately after creating your Windows VM, back up the (clean) VM to a safe place. Make it read-only. You'll need it to re-install, like Ghost -- which you won't have to purchase.

4. If Windows is your base OS, uninstall all web browsers, etc. so that you are NOT tempted to access the Internet from your base OS. (The idea is to keep your base OS free of viruses...)

5. If/when your Windows VM gets infected, quarantine it and re-install your read-only backup VM.

Note that you can spare yourself Step #4 and purchasing a second copy of Windows by using Linux as your base OS. You can surf the net with confidence from Linux. (At least for now... :^)

You can also use a "second instance" of your backed-up VM to "test drive" a website / download / Facebook page / application -- if it brings in a nasty, you just delete the VM afterwards, and go back to "business as usual".
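
Steps 3 and 5 of the procedure above (keep a read-only backup of the clean VM, restore from it after an infection), as an added shell example that is not part of the original comment. It assumes a Linux host with GNU coreutils and a backup stored as a single file such as an exported appliance; the function names and the `.sha256` manifest file are hypothetical. The hash check shows the backup is unchanged since it was sealed, not that it was clean when sealed.

```shell
#!/bin/sh
# Added example: function names and the ".sha256" manifest are hypothetical.
# Assumes GNU coreutils (sha256sum) and a backup that is one regular file.

# seal_image IMAGE
# Record the SHA-256 of the clean backup, then drop write permission (step 3).
# Keeping a copy of the manifest off the machine makes tampering harder to hide.
seal_image() {
    img=$1
    [ -f "$img" ] || { echo "no such image: $img" >&2; return 2; }
    sha256sum "$img" | awk '{print $1}' > "$img.sha256" || return 1
    chmod a-w "$img" "$img.sha256"
}

# verify_image IMAGE
# Succeed only if the backup still matches the hash recorded at seal time.
verify_image() {
    img=$1
    [ -f "$img" ] && [ -f "$img.sha256" ] || return 2
    want=$(cat "$img.sha256")
    have=$(sha256sum "$img" | awk '{print $1}')
    [ "$want" = "$have" ]
}

# restore_image IMAGE WORKING_COPY
# Quarantine the suspect working copy, then copy the verified backup into
# place (step 5). Refuses to restore from a backup that fails verification.
restore_image() {
    img=$1; work=$2
    verify_image "$img" || {
        echo "backup failed verification, not restoring" >&2
        return 1
    }
    if [ -e "$work" ]; then
        mv "$work" "$work.quarantine.$(date +%Y%m%d%H%M%S)" || return 1
    fi
    cp "$img" "$work" && chmod u+w "$work"
}
```

Call `seal_image` once on the freshly exported backup and `restore_image` with the backup and the path of the working copy when a rollback is needed.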