> What's your definition of "scissors security" ?
Cutting the internet connection, or at least running a VM on each desktop that's used for all internet access and reset to a baseline snapshot at the end of each day.

Thanks for the list of products, I'll check them out.

From: Andrew S. Baker [mailto:[email protected]]
Sent: Thursday, October 11, 2012 12:21 PM
To: NT System Admin Issues
Subject: Re: OT: Scour redirect virus?

Hi Tom,

What's your definition of "scissors security" ?

Solutions like Bit9 Parity, CoreTrace Bouncer, Faronics Anti-Executable <http://www.faronics.com/products/anti-executable/standard/>, and Savant Protection are available today, and the cost per end-point is comparable to traditional AV solutions.

There's also BitLocker from Microsoft.

As with virtually all other technologies, increased implementations lead to improvements in cost and refinements in the feature set.

ASB
http://XeeMe.com/AndrewBaker
Harnessing the Advantages of Technology for the SMB market.
http://www.point2security.com/author.asp?section_id=2075&doc_id=248849

On Thu, Oct 11, 2012 at 11:23 AM, Tom Yergeau <[email protected]> wrote:

Unless we use "scissors security" how can we avoid things that even the experts can't isolate the code for? This article a while back brought it all into focus for me.

http://www.computerworld.com/s/article/9231418/Elusive_TDL4_malware_variant_infected_Fortune_500_companies_gov_t_agencies

There are some promising products out there like Bromium, but that's for large environments, very new, and probably very expensive. Where does that leave the rest of us?

From: Andrew S. Baker [mailto:[email protected]]
Sent: Thursday, October 11, 2012 10:59 AM
To: NT System Admin Issues
Subject: Re: OT: Scour redirect virus?

The thing about malware is that you really have to avoid it in the first place.

Yeah, seems like a Captain Obvious moment, but once the system is impacted, a sophisticated piece of malware is going to do all in its power to stay out of sight, including disabling common/popular AV products.

I did see a lot of links about the Redirect Virus on AVG's community site: http://forums.avg.com/us-en/avg-forums-search

You may already have run into information such as (http://www.pchell.com/support/scour_redirect.shtml), which indicates how insidious this malware can be.

The fact that it's a rootkit makes it somewhat problematic to deal with.

Host-based protection needs to move away from the ubiquitous AV toolset.

ASB
http://XeeMe.com/AndrewBaker
Harnessing the Advantages of Technology for the SMB market.

On Thu, Oct 11, 2012 at 8:47 AM, Christopher Bodnar <[email protected]> wrote:

Just wondering if anyone else has had to deal with this one. Got hit with this on my home machine this week. I am by no means a security expert, so that may have been part of my problem. But was sort of surprised by the lack of resources/info available out there from the major players (AVG, McAfee, Symantec, etc.). I use AVG and it had no idea the machine was infected, and couldn't find any mention of it on their support site.

Tried both TDSSKiller from Kaspersky and FixTDSS from Symantec. Neither of which worked. Finally gave in and tried ComboFix, which really looked like it was questionable, but resolved the problem for me.

Luckily this was relatively harmless in the grand scheme of things. Just very annoying.

Christopher Bodnar
Enterprise Architect I, Corporate Office of Technology: Enterprise Architecture and Engineering Services
Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
[email protected]
The Guardian Life Insurance Company of America

~ Finally, powerful endpoint security that ISN'T a resource hog!
~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
