Installation only. So you temp flip it off when you need to install
Office (not too disruptive)
On 7/3/2015 11:15 AM, David McSpadden wrote:
By effect Office is that just the installation of Office or Office
running?
*From:*[email protected]
[mailto:[email protected]] *On Behalf Of *Susan Bradley
*Sent:* Friday, July 03, 2015 2:10 PM
*To:* [email protected]
*Subject:* Re: [NTSysADM] OT: VirusScanning software
That's the group policy toolkit.
However it doesn't work for all of the ransomware variants so it's not
a silver bullet either.
On 7/3/2015 11:02 AM, Jonathan Link wrote:
You can also use proper pixies to restrict where software can run.
I've blocked the user profile folder and added an exception for
the desktop and a couple of other places that I can't recall.
Users have to move downloaded apps to ther desktop to install. I
haven't had a Cryptowall infection in 2 years.
On Friday, July 3, 2015, Susan Bradley <[email protected]
<mailto:[email protected]>> wrote:
It changes so fast that as soon as they do the bad guys code up
something new.
there's no silver bullet here.
Silverlight/flash/java. Use it,patch it or lose it.
Web filtering at the firewall. If your firewall doesn't provide
web filtering/UTM options it's time to upgrade. Home users look at
OpenDNS (yes even now that Cisco is buying them)
Filter attachments/zips.
Least priv/non admin.
Block the app location (yes this impacts firefox and office
installs) Google foolishit for non domain or cryptolocker group
policy toolkit
Education to your users that that email you got isn't a legit email.
On 7/3/2015 10:09 AM, David McSpadden wrote:
Quick, anyone know of a VirusScanning software that is
catching CryptoWall 3.0 yet?
*David McSpadden*
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190 |F: 317.554.8106
Description: imcu email icon <http://imcu.com/> Description:
facebook email icon
<https://www.facebook.com/IndianaMembersCU> Description:
twitter email icon <https://twitter.com/IndMembersCU>
Description: email logo
mcp2
This e-mail and any files transmitted with it are property of
Indiana Members Credit Union, are confidential, and are
intended solely for the use of the individual or entity to
whom this e-mail is addressed. If you are not one of the named
recipient(s) or otherwise have reason to believe that you have
received this message in error, please notify the sender and
delete this message immediately from your computer. Any other
use, retention, dissemination, forwarding, printing, or
copying of this email is strictly prohibited.
Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana
Members Credit Union, are confidential, and are intended solely for
the use of the individual or entity to whom this e-mail is addressed.
If you are not one of the named recipient(s) or otherwise have reason
to believe that you have received this message in error, please notify
the sender and delete this message immediately from your computer. Any
other use, retention, dissemination, forwarding, printing, or copying
of this email is strictly prohibited.
Please consider the environment before printing this email.
