Re: Better Anti Spyware
On Tue, 5 Apr 2005, Sergio Basurto Juarez wrote:
> Hello List,
>
> Any knows which is the better ati spyware I mean
> something that can be admistrated from a server, also
> I want that the server filter any spyware that go
> trhough it.
that'd depend on what kind of "spyware" you are trying to catch
and what do to about it, once it found one, what do you do ??
basic assumption ... assume you have all the evils things
on your network and your machines ... now protect the data
or from the spyware from infecting other machines
- to stop it ... you can't if you allow "users" to dictate
what they can and cannot do from their pc, from their laptop
that pick up all the spyware from their friends home, or
the hotel or their airport or their wireless ..
- endless list of places where they can pick up
the spyware and bring it into the office and infect
the rest of the machines
- spywares to watch for ??
- keyboard loggers that sends out the login and
password or pass phrase ( of your practically unbreakable
4096-bit encryption keys, that is rendered useless )
- next batch of spyware ... things that tell other
people what kind of data is on your PCs and one day
you start getting junk mail about upgrading your PC
- next batch of spyware ... virus that sends out
spam to all your buddies and customers
( a simple antivirus stuff will stop most of those
( since its mostly a problem with their email clients
- next batch of spyware ... what's else important ??
- watching the data that across the wires and out thru the
router onto the internet is nice, but how much time do you
have to sort thru all that data and did the corp lawyers
sign a document that allowed you to watch everyones private
emails that is not supposed to be used at the office
- if you are watching the packets, you will see
things you are not supposed to have seen ...
including the spyware you're trying to stop
- best way to stop spyware ..
<flamesuit on>
- nobody brings in a laptop from home, hotels, airports and
put it behind the firewall ( on the inside of the network )
- dhcp is not allowed
- wireless is not allowed
- vpn connections from home is not allowed unless corp IT
maintain the users home network
- if you do allow these incoming "spyware infected machines",
you should "clean it", before it gets connected inside
the firewall where it has total control once inside
corporate network
c ya
alvin
Reply to: