Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Block spyware and malware by locking down the computer & Registry? 1

Status
Not open for further replies.
GVN

GVN

MIS
Dec 2, 2005
238
0
0
US
Is there a way to block spyware and malware by locking down the computer and Registry, instead of buying software to remove it once its already on there, or letting the software try to actively block it? I haven't had too much luck keeping 100% of my machines clean on our network... I would rather lock or modify the OS instead of buying more software that may or may not work.

GVN
 
Sort by date Sort by votes
You'd be surprised how many registry entries are written or modified while you do the most basic of things. A good start is not using the computer as an administrator, but on a basic user account. Permissions in the registry tree can be changed using regedt32, but I'd think very carefully about whether you want to do that.

Educating users can also help a lot. An ounce of prevention is worth a pound of cure.


Carlsberg don't run I.T departments, but if they did they'd probably be more fun.
 
Upvote 0 Downvote
I agree with you, however most of this stuff we keep seeing on the machines is getting pushed or installed silently without their knowledge. Many aren't even aware of it being on there, but call me because of performance issues or their computer just acting abnormal.

GVN
 
Upvote 0 Downvote
That's right, Carlsberg beer ;)

I know this is not an option for a lot of companies, but have you considered an alternative web browser? I personally find Firefox to be excellent at resisting software installs (most of which are admittedly down to users accepting options that come up, just to make them go away).

That said, the latest revisions of IE have been much better at stopping rubbish getting installed!


Carlsberg don't run I.T departments, but if they did they'd probably be more fun.
 
Upvote 0 Downvote
There's a suprising amount you can do.

Users should be just that - users. If I can do my job as a network admin without being logged on as a permenant administrator so can salesmen. If users only have user access then the registry should be in pretty good shape as default permissions are reasonably secure.

Also make sure you are using WSUS and it's managed correctly. A patched system can do wonders for security!

The obvious such as a decent hardware firewall at the network edge and also turn on Windows Firewall. (XP SP2)

I agree with grenage regarding browsers. Either upgrade to IE7 which appears to be in a much better shape security wise or switch to Firefox.

If things are getting really bad then try a proxy / content filtering. SurfControl / WebSense are pretty good and can help stop a lot of this stuff. We use FortiGate networking products that scan for viruses and malware on HTTP and POP/SMTP which is incredibably useful!

That, plus training/education should be enough.




Steve.

"They have the internet on computers now!" - Homer Simpson
 
Upvote 0 Downvote
Stevehewitt,
You still forgot one thing. As Grenage states:

Grenage said:
Educating users can also help a lot. An ounce of prevention is worth a pound of cure.
Click to expand...

If you have the latest stuff, technologically, yes, you will stop an abundance of malware/spyware. However, all that is needed is for someone to click on a nice website, which just happens to have malware. Even though you have the computer locked down (via registry), the stuff (insert your own explecative if you wish) still can be written to HKCU (HKEY_CURRENT_USER). Unless there is a complete re-write of the registry/OS, then I believe this will still happen. We just need to educate our users more, so they understand the "awesome chick" emails they receive with links are not to be followed.
 
Upvote 0 Downvote
We use AVG (grisoft.com) at home, and I use their free personal edition at home. I've not had any viruses yet, but then again like most of us here, I'm quite particular about what sites I visit. Sandboxes help a lot, although perhaps not for the average user.


Carlsberg don't run I.T departments, but if they did they'd probably be more fun.
 
Upvote 0 Downvote
What are sandboxes? I'm not a security/IT person but I try to keep up on things...
 
Upvote 0 Downvote
GRISOFT is announcing a new version of the AVG Anti-Virus Free Edition. This new 7.5 version with improved performance and full compatibility with the latest Windows Vista version is available. Users that are using AVG Free 7.1 will be provided with a specific dialog, within the next few weeks, with the opportunity to choose the right option fulfilling their needs. AVG Free 7.1 version will be discontinued on 15th of Jan 2007.
Click to expand...

It doesn't appear so, just a new version coming out.


Carlsberg don't run I.T departments, but if they did they'd probably be more fun.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

E
  • Question
Power5 9133-55A down
Replies
0
Views
206
emze
E
T
  • Solved
Not able to log into my previous account, and there's no "Forget Password"
Replies
15
Views
817
Chris Miller
Chris Miller
DrB0b
  • Locked
  • Question
Help Please, Trying to Convince Company Mixing Personal and Corporate Email is Bad Practice
Replies
9
Views
233
DrB0b
DrB0b
puzzledinin
  • Locked
  • Question
Aloha Potential employee theft scheme
Replies
4
Views
220
SamBones
SamBones
nate901
  • Locked
  • Question
(1) Cell phone app security and (2) Shared-site login security
Replies
1
Views
57
Noway2
Noway2

Part and Inventory Search

Sponsor

Back
Top