They stole that idea. From many years before: http://www.ranum.com/security/computer_security/papers/a1-firewall/index.html
The whole site is worthwhile - especially: http://www.ranum.com/security/computer_security/editorials/dumb/index.html

Kurt

On Thu, Oct 11, 2012 at 10:58 AM, Matthew W. Ross <[email protected]> wrote:
>> > What's your definition of "scissors security" ?
>
> http://www.dumbentia.com/pdflib/scissors.pdf
>
> yuk yuk yuk!
>
> --Matt Ross
> Ephrata School District
>
> ----- Original Message -----
> From: Tom Yergeau [mailto:[email protected]]
> To: NT System Admin Issues [mailto:[email protected]]
> Sent: Thu, 11 Oct 2012 10:50:32 -0800
> Subject: RE: OT: Scour redirect virus?
>
>> > What's your definition of "scissors security" ?
>>
>> Cutting the internet connection, or at least running a VM on each desktop
>> that's used for all internet access and reset to a baseline snapshot at the
>> end of each day.
>>
>> Thanks for the list of products, I'll check them out.
>>
>> From: Andrew S. Baker [mailto:[email protected]]
>> Sent: Thursday, October 11, 2012 12:21 PM
>> To: NT System Admin Issues
>> Subject: Re: OT: Scour redirect virus?
>>
>> Hi Tom,
>>
>> What's your definition of "scissors security" ?
>>
>> Solutions like Bit9 Parity, CoreTrace Bouncer, Faronics Anti-Executable
>> <http://www.faronics.com/products/anti-executable/standard/>, and Savant
>> Protection are available today, and the cost per end-point is comparable to
>> traditional AV solutions. There's also BitLocker from Microsoft.
>>
>> As with virtually all other technologies, increased implementations lead to
>> improvements in cost and refinements in the feature set.
>>
>> ASB
>> http://XeeMe.com/AndrewBaker
>> Harnessing the Advantages of Technology for the SMB market.
>> http://www.point2security.com/author.asp?section_id=2075&doc_id=248849
>>
>> On Thu, Oct 11, 2012 at 11:23 AM, Tom Yergeau <[email protected]>
>> wrote:
>>
>> Unless we use "scissors security" how can we avoid things that even the
>> experts can't isolate the code for? This article a while back brought it
>> all into focus for me.
>>
>> http://www.computerworld.com/s/article/9231418/Elusive_TDL4_malware_variant_infected_Fortune_500_companies_gov_t_agencies
>>
>> There are some promising products out there like Bromium, but that's for
>> large environments, very new, and probably very expensive. Where does that
>> leave the rest of us?
>>
>> From: Andrew S. Baker [mailto:[email protected]]
>> Sent: Thursday, October 11, 2012 10:59 AM
>> To: NT System Admin Issues
>> Subject: Re: OT: Scour redirect virus?
>>
>> The thing about malware is that you really have to avoid it in the first
>> place.
>>
>> Yeah, seems like a Captain Obvious moment, but once the system is impacted,
>> a sophisticated piece of malware is going to do all in its power to stay out
>> of sight, including disabling common/popular AV products.
>>
>> I did see a lot of links about the Redirect Virus on AVG's community site:
>> http://forums.avg.com/us-en/avg-forums-search
>>
>> You may already have run into information such as
>> (http://www.pchell.com/support/scour_redirect.shtml), which indicates how
>> insidious this malware can be.
>>
>> The fact that it's a rootkit makes it somewhat problematic to deal with.
>>
>> Host-based protection needs to move away from the ubiquitous AV toolset.
>>
>> ASB
>> http://XeeMe.com/AndrewBaker
>> Harnessing the Advantages of Technology for the SMB market.
>>
>> On Thu, Oct 11, 2012 at 8:47 AM, Christopher Bodnar
>> <[email protected]> wrote:
>>
>> Just wondering if anyone else has had to deal with this one.
>>
>> Got hit with this on my home machine this week. I am by no means a security
>> expert, so that may have been part of my problem. But was sort of surprised
>> by the lack of resources/info available out there from the major players
>> (AVG, McAfee, Symantec, etc.). I use AVG and it had no idea the machine
>> was infected and couldn't find any mention of it on their support site.
>> Tried both TDSSKiller from Kaspersky and FixTDSS from Symantec. Neither of
>> which worked. Finally gave in and tried ComboFix, which really looked like
>> it was questionable, but resolved the problem for me.
>>
>> Luckily this was relatively harmless in the grand scheme of things. Just
>> very annoying.
>>
>> Christopher Bodnar
>> Enterprise Architect I, Corporate Office of Technology:Enterprise
>> Architecture and Engineering Services
>>
>> Tel 610-807-6459
>> 3900 Burgess Place, Bethlehem, PA 18017
>> [email protected]
>>
>> The Guardian Life Insurance Company of America
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to [email protected]
>> with the body: unsubscribe ntsysadmin
