hotmail password request tool (intranet usage)

[Ulrich Hobelmann]

Deleting executable attachemnts and unscannable zips from the mail is
done in most of the companies I sysadmin. Some Users still click on
everything that has a icon and a promising name. MS-click-me-advertising
has done some braindamager to the weaker minded.

How about the admins doing their job instead of deleting stuff in
users' email? Like choosing a secure OS in the first place that
runs the productivity apps the user needs, or running a solid
backup-policy (when a stupid user fries his directory, boss
screams at him for a while, but data can be restored), or running
stuff in a sandbox (well, on Windows that probably means that you
ONLY fry your own directory).

 

[Chris Mattern]

How about the admins doing their job instead of deleting stuff in
users' email? Like choosing a secure OS in the first place that
runs the productivity apps the user needs,

Perhaps the admin could square the circle as an encore. Much, even
most, of the time, the apps that the users and management insist on
runs *only* on Windows.

or running a solid
backup-policy (when a stupid user fries his directory, boss
screams at him for a while, but data can be restored),

Fine. *You* can be in charge of running the daily restores, while
the boss yells at you for the downtime, and the user yells at you
for the lost work that was done since the last backup. You let
this crap through and you will spend all day restoring one user
after another.

or running
stuff in a sandbox (well, on Windows that probably means that you
ONLY fry your own directory).

And how, exactly, are you going to get your apps to run, considering
that all of them require admin access to run at all?

Do you have any *practical* alternatives?
--
Christopher Mattern

"Which one you figure tracked us?"
"The ugly one, sir."
"...Could you be more specific?"

 

[Ulrich Hobelmann]

That was really lame. While I run both Linux and Windows workstations I
still see threats for Linux and Windows, neither OS is secure, it's all in
knowing how to lock each down.

Then pick BSD. Anyway, with a Firewall I doubt that Linux can
really be infected. Updates are usually painless too.

Installing av software and or a firewall policy that blocks malicious
attachments from gaining access to company resources is part of an admins
job, at least in every government, commercial and private company I've
worked for or designed the networks for.

Blocking infected attachments is relatively ok, unless you are
company that has an interest in sending viruses per mail (like an
AV company).

Just deleting all zips (or encrypted ones) is bloody stupid though.

I've been running many platforms since the 70's and never experienced a
virus or compromised system on any network I've managed or designed,
including Windows based networks/systems, so it would seem that security
is not really an issue for the Windows platforms, it's more a problem
when you have ignorant administrators or ones that pretend to know about
security.

From this thread I gathered that the problem seems to be not the
security (stuff sent with email is just passive files!), but
rather the dumb user that has to push the button on every bomb he
finds.

 

[Matthias Hoys]

W32.Goldun.M virus, Intego virus barrier reports.

I saved a lots of people from checking the file I bet

Yay, so I have a anti virus in fact

Ilgaz

Strange ... my up-to-date AVG freeware anti-virus didn't detect any virus in
the rar file. What anti-virus software do you use ?

Matthias

 

[Ilgaz]

Strange ... my up-to-date AVG freeware anti-virus didn't detect any
virus in the rar file. What anti-virus software do you use ?

Matthias

Its a mac antivirus, Intego Virusbarrier for OS X. Interesting really.

But don't expect anything good from stuff like that (password crack)

Ilgaz

 

[Ulrich Hobelmann]

Its a mac antivirus, Intego Virusbarrier for OS X. Interesting really.

But don't expect anything good from stuff like that (password crack)

WTH do you run an antivirus on your Mac??

I've heard that in some cases they even do harm (was it Norton?),
and they definitely don't do any good. Where should you get a Mac
virus from (except by running a script that wipes your home
directory...)?

My Mac stays clean

 

[Mark Townsend]

Just deleting all zips (or encrypted ones) is bloody stupid though.

Strangely enough a certain large software company relevant to at least
one of the ngs on this thread bans zip attachments in their email.
Instead the SOP is to drop the file onto a central database masquerading
as a file system, and then simply embed the link in the email rather
than attach it. This SOP works well for a number of reasons.

 

[Ilgaz]

WTH do you run an antivirus on your Mac??

I've heard that in some cases they even do harm (was it Norton?), and
they definitely don't do any good. Where should you get a Mac virus
from (except by running a script that wipes your home directory...)?

My Mac stays clean

My plan was buying MS office, so bought antivirus. Nothing else, no..
There is no virus currently on mac except some evil scripts you mention.

Whatever

Ilgaz

 

[George Neuner]

Strange ... my up-to-date AVG freeware anti-virus didn't detect any virus in
the rar file. What anti-virus software do you use ?

McAfee doesn't detect anything either.

George