Question

Locked

How to stop Spam sending Trojan Viruses

By Aravinds1611 ·
Hi All,

Recently, one of the computers in our network was affected by a Trojan virus which is believed to have sent thousands of SPAM messages.

Due to this, our domain IP has been blacklisted and emails from our domain aren't getting delivered to clients.

We have ultimately formatted all the drives and reinstalled the OS in that computer.

But, how do such Trojan viruses intrude when we have a popular anti-virus program in installed and updated every day.

Please share your thoughts on how to prevent such incidents rather than fixing them.

Thank you.

Best Regards,
Aravind.

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Har, Har, Har

by cmiller5400 In reply to How to stop Spam sending ...

Nothing is 100% effective. All it takes is a user to click a link and presto you have a virus/trojan etc. Does the av scanner check for updates several times a day? Do you run periodic scans?

There is a lot more to protecting computers than just plopping an AV solution on it...

Collapse -

Because signature-based AV programs are only about 90% effective

by robo_dev In reply to How to stop Spam sending ...

Other defenses against this sort of problem:

1) PC protection software such as Cisco Security Agent. This program does not allow unknown processes to run.

2) Personal firewall software would catch this sort of thing in many cases, since the program would alert when the process was attempting outbound communication.

3) Browser protections:

Use Mozilla Firefox with add-on such as:
a) Web-of-trust, link scanner pro, Finjan
b) NoScript

Firefox is more secure than IE.

'Search safety tools' such as Link Scanner Pro, Web of Trust, or Finjan secure browsing help to keep users from going to sites that host malware. Noscript, while it can be intrusive, will prevent a PC from getting a virus or malware infection from a web site.

4) Content filtering proxy server. If the users cannot go to sites that host viruses, they cannot get viruses. If these are business users, it is logical to restrict what sites/content users can get to. If the users are very young/reckless/careless you can implement strict whitelisting in a proxy, such that there is only a set number of web sites they are allowed to visit.

Back to Malware Forum
3 total posts (Page 1 of 1)  

Security Forums