FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


How to protect LAN against Worms and spyware?





hrtorrent
At work I have small LAN network. Server runs on Windows 2003 server and 16 workstations runs at Windows XP. My server works ad domain name server.

I have DSL connection to Internet. Recently we have unkown worm attack and big problem with spyware on several computers. Should I use some kind of firewall programs, like Sygate firewall or something?

Eny idea will help! Thanks.
dan751
I do believe you would need to run your gateway computer as a proxy server also. But unfortunately, proxies and proxy servers aren't something I'm very familiar with as of yet.Sad
gonzo
hrtorrent wrote:
spyware on several computers.



faronics deep freeze
+
policy forbidding use of IE
donj
Another idea is to make a firewall of an old pc.

See here how: http://reviews.cnet.com/Three_things_to_do_with_your_old_PC/4660-10165_7-6246693.html

Download Smoothwall on that pc as told in the movie (above)

www.smoothwall.org
Sunny
I run a cyber cafe and use a similar set up like yours. Since I get all sorts of customers My Pcs are most venerable to spywares and viruses but I hardly get them.

Quote:
Should I use some kind of firewall programs, like Sygate firewall or something?


ABOUT YOUR QUERY
Main purpose of a firewall is to keep hackers away. Since you terminals are behind the proxy server there is less chance of you getting external intrusions (From Internet). Only way firewall can be helpful is 1) it will stop spywares/viruses from connecting to their vendors and sending them information or downloading stuff back to pc.2) If you get a virus in a pc, it should stop it from spreading it to network.

But if you ask me? DON'T INSTALL A FIREWALL ON TERMINAL PCS,BUT ON YOUR SERVER YES.In my opinion few of the firewalls are worse then spywares, Yup its true they take lot of resources and slow down the PC's considerably.

MY SUGGESTION

Solution 1-a) Fst upgrade your XP to SP2 and install all latest patches specially for IE.

b) Use Host file to block thousand of sites which are known to spread viruses/sywares (very useful) ..run a search on google or pm me if you want the list.

c)Use Avast Antivirus and Keep it updated, Now why avast? because It provides URL BLOCKING. Depending on the usage of your workstations you can block many file extensions for eg. .scr, .vb, .cab, I've even blocked .exe and many many others. (Very very useful).

d)Since you have upgraded to SP2, SP2 Firewall is not complete but nevertheless useful firewall. Keeping firewall on can stop lot of viruses.worms from spreading. and doesn't takes much resources as compared to lets say Nortons.

e) IF Possible change your browser to Mozilla. which is comparatively better when it comes to security and most spywares tend to target IE then Mozilla (Thou i still use IE) If you do want to use IE, then you should change the Active X security to bit higher level.

f)If you own the terminals and they are for public use then you can give them "guest account" instead of admin account. That will stop them from installing stuff or spywares etc.

g)Disable un necessary services like "remote registry".

I hate suggesting spyware removal softwares ..Its sturdiness to fst let them come in and then start argue if spybot is better or xyz is.I hardly ever get a spyware and when I do I block the site vendor, file name in all pcs so its good bye for ever.

SOLUTION 2)

Use WinGate or some other proxy server which have better security features and can scan for viruses right on the gateway. Although I must say this can lead to lot of problems sometimes if you are not a professional. like few programs not working and will slow down the net speed little (Wingate might not slow down if you are using ITS NAT)
Jack_Hammer
gonzo wrote:
hrtorrent wrote:
spyware on several computers.



faronics deep freeze
+
policy forbidding use of IE


I deffinatly agree with the second one,
Laughing
lrdslr
Use Linux... very security... I use a router and no need a separate firewall...

Smile
Aelita
Well im going to say a router is your best solution to the problem. If its an office type setting people shouldn't be visiting PRIVATE sites. so you shouldn't be getting malacious (omg been in school too long) programs. The router wont allow things to be randomly downloaded onto your computer, you have to acces them directly from a local machine first. But that a whole other dicussion. But most routers come with firewalls as well so you wont really need another firewall program. And for added security you can get a spyware program, like spysweeper. And make sure you get a popup blocker. No accidental clicks to bad sites that way. That'll be all.
hrtorrent
If I install firewall, I can't access to Internet and local domain control does'nt work! If I turn off some firewall settings, worm activate himself and start to shutt down server and few computers too.
I try to locate and remove worm, I scan all PCs with several worm removal, antivirus programs, clean with spyware removal, and nothing. I found nothing! Everything looks clean, but when local network runs and when I turn on adsl router and connect to Internet, worm activate himself immediately....

What can I do else, except reinstall all software on all computers? I wish I have choise to install linux on this machines, but my company run's on windows programs....
Prabhu Raj
Hi trojan horses, browser hijackers and spywares are the most common problem in the internet today.
Configuring internet explorer settings can be a time consuming task.
what i would recommend is that you install a good antivirus program that detects and cleans on file access and modification. make your antivirus up to date.
then install a antispyware software like spyware doctor or pest patrol and update it also.
use a proxy server like winproxy that supports antivirus features.
Doing all these will solve almost 75% of your problem
Have a nice day.
hrtorrent
Finaly I clean up entire network from worm and spyware!!!


I use Symantec Antivirus Corporate Edition. On server I was install server version with advanced control panel and deploy client version to all other computers by network.
In first search that antivirus find a worm on all computers (I try with several anitivirus and worm removal programs including avast and microsoft worm removal and they did'nt find this worm!!!) and sucesfully clean it.
This anitivirus is great, it's resident on all computers and automaticly clean all trojans, worms, spyware and others.
Price is slowing down system, but that is visible only when user log in, when anitivirus check all vital procesess. After that, performance is just like usual.

I try it on my personal notebook and they find over 60 spyware and trojan issues, which was unfind by adaware, spy remover and other similar programs!

The next thing what I will do is building a network firewal computer based on old Pentium I computer and Linux system. I will use Smoothwall.

Very Happy
Related topics
Netscape patches 1-day-old browser
How Spyware Works!!!
What is the best antivirus progrem?
(official) IE 7 Topic
Windows Vista Official Thread
Troops in Iraq have to pay for armor?
(official) Firefox & Thunderbird 1.5 Beta2 Now Available
free antivirus v. norton
Mcrosoft release a new spyware removal tool
How long your windows is working without reinstall?
Any good *free* Antivirus Progs out there?
Which Appllication have you recently downloaded?
'Microsoft Security Essentials' Free anti-virus for windows
Discrimination against Christian - a real case :-)
Reply to topic    Frihost Forum Index -> Computers -> Computer Problems and Support

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.