10 replies to this topic

[Hignar]

Someone in my office has become infected by malware that is sending out endless streams of spam mail. As a result we have been added to a number of blacklist sites and are having a lot of our mail bounced back to.

I have asked everyone to perform a virus/malware scan but you can guarantee that I'll end up doing most of them this afternoon. I can't wait :cursing:

Currently 2 machines out of 50 have been scanned. I can proudly state that mine was completely clean.

[Hignar]

We don't know yet. To be fair it's only specualtion by our IT support guys at this point. Still means I've got to hold everyones hand through the scan though.

It's worrying how few of our staff know how to install software when they use a computer all day every day.

[Hignar]

We've tried locking down the computers but people need to install various accountantcy packages depending on which job they are doing.

I've just spoken to our IT guy and he wants to go back to limiting access and giving someone else in the office (probably me) admin rights. Problem is I'm meant to be spending less time on the computers and more on accounts.

Anyway, all scans are now complete and we've been removed from all but one of the blacklists. I can't believe how much stress this all caused, and it hasn't been helped by the fact we've got another postal strike on.

[TkTech]

Rather then limiting them outright, why not enable signature scanning on your corprate firewall? This would kill the tcp/ip stream when a known virus signature is detected. Not perfect but it would get a good chunk of common malware

As for the sex icons...shrink...

[Hignar]

TkTech said:

Rather then limiting them outright, why not enable signature scanning on your corprate firewall? This would kill the tcp/ip stream when a known virus signature is detected. Not perfect but it would get a good chunk of common malware

As for the sex icons...shrink...

Such decisions aren't up to me. Probably a good thing as my knowledge of network security is very limited.

My comment of "this wouldn't have happened if we were using linux" didn't go down well with the support guy and that pretty much used up my knowledge of how to improve a windows network.

Today has shown me that I was right to go into accounting rather than anything involving network administration. This afternoon was not enjoyable in the slightest.

[WingedPanther]

Network administration sucks. Unfortunately, there are still malicious programs that require almost nothing to "install".

[debtboy]

Hignar said:

We've tried locking down the computers but people need to install various accountantcy packages depending on which job they are doing.

We are completely locked down without access to our local drive.
All work files are stored on central storage on our Storage Area Network (SAN). You save local files to "my documents" which is located on the SAN. We also have many network drives which are all basically SAN storage also. IS personnel have a special account with additional privileges and only a few have domain admin rights. It does work once everyone gets used to it.

As for local applications we don't have but a few, all new development is web based and older legacy stuff is upgraded to web or replaced with web based.

I know that much of the focus here on the forum is toward desktop applications and languages, but from where I'm standing, intranet development is where things are.
The buzz words and possible future is the cloud.

Isn't it ironic that I would mention cloud on a "virus" thread. :)

[Hignar]

debtboy said:

We are completely locked down without access to our local drive.
All work files are stored on central storage on our Storage Area Network (SAN). You save local files to "my documents" which is located on the SAN. We also have many network drives which are all basically SAN storage also. IS personnel have a special account with additional privileges and only a few have domain admin rights. It does work once everyone gets used to it.

As for local applications we don't have but a few, all new development is web based and older legacy stuff is upgraded to web or replaced with web based.

This sounds like it would be an ideal solution if it was for the fact different people need different local applications.

One of the main problems is that we don't really have any IT policy in place and people treat their work PCs as their personal machines. We don't have any measures in place to stop staff visiting "dodgy" websites and our spam filters are **** near useless.

I used to blame the support guys for this but it turns out we just been refusing to spend the money needed to put everything in place.

Up until 2 years ago we were a fairly small firm with no more than 20 staff and we could get away with simply trusting everyone to be sensible. Now we've nearly tripled in size things are getting harder to control and, it would seem, I am the first line of defense.

I'm thinking of putting together a list of simple rules and asking a director to approve and enforce them. Nothing drastic but a definite shift in how people use their machines.

At the moment my number one rule would have to be "don't use your work email to sign up to none work related websites". I've been here for five years and get very little spam. Maybe a couple of emails a month. Others who have been here for just a few months are inundated with the stuff.

[cakka]

i think using server for your office is the best way...