Good thing you work for a liquor company then - presumably you get an employee discount? That may be the only solution if management insists that non-secured systems can plug in anywhere they please.
"My advice to you is to start drinking heavily." On 11/22/04 4:51 PM, "Kern, Tom" <[EMAIL PROTECTED]> wrote: > I suggested the vlan solution,but these guys move around alot and the sales > managers sometimes want a meeting in their office,sometimes in another > office,etc > Since the sales guys generate all the profit,everyone kinda cowtows to them. > Noone wants to inconvienve them. so i'm looking for a solution that goes > around the roaming virii users without making them change. > > sigh... > > thanks > > -----Original Message----- > From: Paul van Geldrop [mailto:[EMAIL PROTECTED] > Sent: Monday, November 22, 2004 4:41 PM > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] virus/worm > > > Even though that first line might sound rather amusing, it might just be > the trick to get things done.. it's amazing how management can decide to > .. bend the rules, let us say, when it concerns their own daily > routines. > > Consider placing the laptops in a restricted VLAN. This might require > that you get some procedures OKed regarding access and availability, but > it'll be worth it. If you're going to invite a load of foodhungry virii > into your network, at least make sure they only get to feed on > themselves. > > Regards, > > Paul. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of ASB > Sent: Monday, November 22, 2004 9:34 PM > To: [EMAIL PROTECTED] > Subject: Re: [ActiveDir] virus/worm > > Wait until your bosses machine gets infected. Maybe that's what it > will take to get the policy changed. > > And you should try using another AV product if the current one is not > keeping your systems cleaned from known viruses. > > How are you cleaning them when you find them? (read: are you sure > you're actually cleaning them?) > > -ASB > > > On Mon, 22 Nov 2004 15:27:58 -0500, Kern, Tom <[EMAIL PROTECTED]> wrote: >> Hi all. I am having a serious issue with bot type worms that keep > infecting my machines over and over. It doesn't matter that I'm fully > patched and my virus defs are up to date. >> I use Symantec Corporate Edition 9.0 in a win2k mixed mode AD > enviroment. My machines all have the most up to date patches and hot > fixes. >> I have seen machines that are up to date in everything get reinfected > time and time again. The worm is a varient of what Symantec calls > Spybot.worm32. It usually creates a exe in system32 called Explorer.exe > or 386.exe or svchosting.exe and no matter the defs it slips by > Symantec. >> >> This is a posting perhaps better sent to a virus or Symantec list,but > you guys seem really knowldgeable and I'd like to pick your collective > brains about how to deal with this issue. >> I assume its getting in via laptop users wh take their pc's home at > nite or some of our traveling sales guys,but if my desktops are up to > date and patched,they should'nt get infected. >> No? >> Am I being naive? >> >> Finally,we are a liqour distributor and alot of times we have > suppliers from other companies come in with laptops that give powerpoint > presentations and access our internet connection. These guys are from > elsewhere so they don't have accounts in our domain and thus log in > locally. >> How can i protect myself against these guys? Management insits they be > allowed to do their thing with their laptops on our network when they > come in and since they don't log into our domain,I can't even push out a > GPO and I'm at the mercy of these guys and what hteir IT dept did or did > not do. >> Help! >> >> Thanks alot. If I can get a solution to just one of these 2 > questions,I'll be a happy man. > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
