Using Open DNS also, but the clear cloud idea does have some merits, I
might try this on my PC at home, and see how it works. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:[email protected]

Cell:401-639-3505

 

From: Jonathan Link [mailto:[email protected]] 
Sent: Thursday, September 16, 2010 8:29 AM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware

 

I've been using OpenDNS since the DNS poisoning problem was widely
reported...last year?  Year before?

Not only that, seems to be faster than our ISP's DNS servers.

On Thu, Sep 16, 2010 at 8:24 AM, Andrew S. Baker <[email protected]>
wrote:

OpenDNS provides similar benefits... 


ASB (My XeeSM Profile) <http://xeesm.com/AndrewBaker>  
Exploiting Technology for Business Advantage...
 

On Thu, Sep 16, 2010 at 6:27 AM, John Hornbuckle
<[email protected]> wrote:

        Trying it now. Love the concept-let's see if it helps.  :)

         

         

         

        From: Alex Eckelberry [mailto:[email protected]] 
        Sent: Wednesday, September 15, 2010 12:58 PM

        
        To: NT System Admin Issues
        Subject: RE: #*&$&% "Security Tools" Malware

         

        Btw, we update the malware URLs of these rogues right into
ClearCloud.

         

        Feel free to and the ClearCloud DNS server as a replacement to
your existing DNS:

         

        http://clearclouddns.com/

         

        It's still beta, but I think you'll find it works quite well.
And it's free. 

         

         

        Alex

         

         

         

        From: Alex Eckelberry [mailto:[email protected]] 
        Sent: Wednesday, September 15, 2010 12:55 PM

        
        To: NT System Admin Issues
        Subject: RE: #*&$&% "Security Tools" Malware

         

        http://vipre.malwarebytes.org/

         

        Free.  And the combination really works. 

         

        From: John Hornbuckle [mailto:[email protected]] 
        Sent: Wednesday, September 15, 2010 12:20 PM

        
        To: NT System Admin Issues

        Subject: #*&$&% "Security Tools" Malware 

         

        The "Security Tools" malware is about to drive me insane. My
users keep managing to infect themselves with it, and we're having
trouble stopping it.

         

        They don't run with admin rights, so there's no real damage done
to their systems and we can clean it up in about two minutes. But the
time adds up, and I'm tired of my technicians having to waste time on
it.

         

        Our antimalware software is Microsoft's Forefront Client
Security, and it's having a tough time catching this. Every time I get
infected, I send the EXE to Microsoft and they update their
definitions-but the EXE's used by the malware apparently change rapidly,
and seem to constantly be a step ahead of FCS's definitions.

         

        I can think of a couple of options that I know would stop it,
like blocking all EXE's at our web filter or using group policy to limit
the running of EXE's-but this would also prevent users from doing things
like installing safe plug-ins from websites, so it's not a first resort.

         

        Suggestions?

         

         

         

        John Hornbuckle

        MIS Department

        Taylor County School District

        www.taylor.k12.fl.us <http://www.taylor.k12.fl.us/> 

         

         

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin

Reply via email to