[Fredslist] Trends in PC infections
Raj Goel
raj at brainlink.com
Wed Mar 24 19:44:25 EDT 2010
Gothamites,
*Who's the biggest threat to your PC - *
A) Porn Sites
B) Fox News
C) NY Times
D) Drudge Report?
If you answered B), C) or D), you are correct.
In a disturbing (though NOT unpredicted) trend, criminal
organizations bought ads on Doubleclick, Yahoo and other major
advertising networks.
As a result, if you visited NYTimes.com, Fox News, Drudge Report,
TechCrunch or other reputable sites within the past 3 weeks, chances
are, your PC got infected. And unpatched flaws in Adobe PDF reader and
Adobe Flash meant your PC kept getting reinfected.
*How can you tell if your PC's infected?*
* Random Popups
* A new program wants you to buy a "virus removal" program
* Overall sluggishness
*Steps you can take to prevent infection:*
1. Use a virtual machine for all your surfing
   1. If your computer has enough RAM and CPU, setting up a
      virtual machine is fast, easy and CHEAP!
2. Do NOT install Adobe PDF reader - use FoxitPro or other free PDF
readers
3. Uninstall FLASH player (yeah, I know - youtube no longer works) or
see #1
4. Use Firefox instead of Internet Explorer
5. Install the ADBLOCK and NOSCRIPT plugins
6. Make sure you have GOOD, RELIABLE, TESTED backups!
*What to do if you DO get infected:*
* *If your PC is LESS than 3 years old*, or if you do not have
complete backups, *contact a reputable company or technician to
disinfect the machine*
    o NOTE: Some of the newer infections are NOT removable.
    o No matter what you do, they will come back. (Just like cold
      sores or Hepatitis C)
    o Even the best cleaner/disinfection tools are failing ..
      repeatedly.
* _If disinfection fails, restore your system image from backups._
* *If your PC is more than 3 years old*, and you have good backups,
*consider upgrading to* a new PC with *Windows 7*
o OR
* *Consider switching to a new Mac running OSX*
Most of our small business clients (10-50 employees) with good,
multi-layered security have been reasonably safe.
However, a lot of solo-professionals, 1-2 person firms have been hit
HARD by these infections.
_*Best Defenses / Best Practices*_
1) Have Multiple PCs and/or laptops at your disposal
If your primary PC gets infected, you should be able to run your
business off a backup
New computers are cheap. Netbooks cost less than $400, good
laptops less than $1000. Having a spare machine is cheaper than losing
a working day.
2) Invest in Full Machine Imaging backups - Carbonite, Mozy, etc. back up
your documents, but NOT all the programs installed on your PC.
3) Consider running locked down machines -- all your data gets backed up
to external drives, Carbonite, etc. If your PC is infected, press 1
button and go back to a clean state
4) Invest in hardware firewalls with good threat detection
This is one area where investing in your business really makes
sense. A good Unified Threat Management System (UTMS) firewall can be
had for less than $1500. While not free, that's *USUALLY* cheaper than
losing a full working day...or several.
5) Configure your email for IMAP or Hosted Exchange - Move away from POP
or POP3 email servers!
Lots of cheap email providers (GoDaddy, Register.com, etc.) default
to POP3 email. Most email clients (Outlook, Thunderbird, Mac Mail,
Eudora, etc.) also default to POP3.
Configure your email client for IMAP or Hosted Exchange
6) Regularly patch, update and clean your PC
7) Install monitoring software that detects infections rapidly and
notifies your IT support team.
Do you have a primary doctor?
Dentist?
Ob-Gyn or Proctologist?
Cardiologist?
For most of you, that's a YES.
What about your computer? Who's your computer's Primary Care
Technician?
--
-- Raj
Rajesh Goel, CISSP
cell (917) 685-7731
CTO: Brainlink International, Inc.
Fixed-Price IT.
raj at brainlink.com
www.brainlink.com
http://www.linkedin.com/in/rajgoel/