Malware "best practices"
Bill McGonigle
bill at bfccomputing.com
Mon Jul 31 12:35:01 EDT 2006
On Jul 27, 2006, at 08:23, Drew Van Zandt wrote:
> On the other hand, "those
> places" had a more sensible policy. If a user does something dumb[1]
> once, that may well be enough to get them fired (or lose their
> security clearance, which amounts to the same thing.) If they did
> something dumb[1] twice, it was pretty much guaranteed unless they
> were, for some reason, indispensable.
Agreed, most of the proposed solutions are working around users with no
knowledge and no liability.
I'd be interested to know how "those places" dealt with user training
on these issues. For example, a user browses to a website (for work)
and gets a pop-up that looks like a Windows dialog that says, 'allow
Active-X controls? [ok, cancel]' but it's really a malware item that is
exploiting the BMP-overflow-du-jour and the 3rd party site has been
compromised.
It's going to take a very astute and paranoid user to recognize and
defeat this attempt. One might consider filters appropriate here.
-Bill
-----
Bill McGonigle, Owner Work: 603.448.4440
BFC Computing, LLC Home: 603.448.1668
bill at bfccomputing.com Cell: 603.252.2606
http://www.bfccomputing.com/ Page: 603.442.1833
Blog: http://blog.bfccomputing.com/
VCard: http://bfccomputing.com/vcard/bill.vcf
More information about the gnhlug-discuss
mailing list