Malware "best practices"

Bill McGonigle bill at bfccomputing.com
Mon Jul 31 12:35:01 EDT 2006


On Jul 27, 2006, at 08:23, Drew Van Zandt wrote:

> On the other hand, "those
> places" had a more sensible policy.  If a user does something dumb[1]
> once, that may well be enough to get them fired (or lose their
> security clearance, which amounts to the same thing.)  If they did
> something dumb[1] twice, it was pretty much guaranteed unless they
> were, for some reason, indispensable.

Agreed, most of the proposed solutions are working around users with no 
knowledge and no liability.

I'd be interested to know how "those places" dealt with user training 
on these issues.  For example, a user browses to a website (for work) 
and gets a pop-up that looks like a Windows dialog that says, 'allow 
Active-X controls? [ok, cancel]' but it's really a malware item that is 
exploiting the BMP-overflow-du-jour and the 3rd party site has been 
compromised.

It's going to take a very astute and paranoid user to recognize and 
defeat this attempt.  One might consider filters appropriate here.

-Bill
-----
Bill McGonigle, Owner           Work: 603.448.4440
BFC Computing, LLC              Home: 603.448.1668
bill at bfccomputing.com           Cell: 603.252.2606
http://www.bfccomputing.com/    Page: 603.442.1833
Blog: http://blog.bfccomputing.com/
VCard: http://bfccomputing.com/vcard/bill.vcf




More information about the gnhlug-discuss mailing list