Solved

Spot check in Laptops

Posted on 2011-03-16
10
412 Views
Last Modified: 2013-12-06
my question is this , how i can check one person laptop if there is no malicious stuff/hacking software in laptop . the laptops comes to me and i have to verify that they are safe and they do not contain any software which can be used to hack the network or in means to the network , usually they are guest users who used to connect only to guest network , not my corporate network , but still i have to ensure if they connect to my LAN , nothing bad can happen to network and network is not open for them  .

I welcome both ways ...

checking by Tools to see which software a laptop does have

and by checking manually going throw add and remove , as thats not very effective as many software are double click and run , of if some tool which i dont have to install on the guest laptops , and i can just run to verify installed programs /Exes in laptops .


0
Comment
Question by:annasad
  • 3
  • 3
  • 2
  • +2
10 Comments
 
LVL 19

Assisted Solution

by:Rikin Shah
Rikin Shah earned 100 total points
ID: 35153908
0
 
LVL 38

Expert Comment

by:younghv
ID: 35154950
@rikin_shah,
Please don't post bare hyperlinks in questions and only post in questions where you have actual knowledge to the topic being discussed.

It is a fair assumption that everyone knows how to do a Google search, so no one needs to post the results of same.
0
 
LVL 38

Assisted Solution

by:younghv
younghv earned 50 total points
ID: 35154978
annasad,
What you are asking borders on the impossible - simply because there is no way to know what every executable file on any computer is really going to do.

The worst kind of malware could be renamed "excel.exe" and you would overlook it in any kind of visual search.

What you can ensure is that all computers are fully patched/updated for Operating Systems and that they have a legitimate Anti-Virus program updated, running, and that you personally run a scan of that system.

Your real protection is going to be having some kind of network monitoring program screening the traffic from your "Guest Network" to your Corporate Network.

Are you now running any kind of "Intrusion Detection Service" (IDS).
(http://en.wikipedia.org/wiki/Intrusion_detection_system)
0
 
LVL 11

Assisted Solution

by:Snibborg
Snibborg earned 250 total points
ID: 35155078
The problem youare likely to come across is that most 'guests' bring in corporate laptops of their own.  These laptops are almost always locked down, so any attempts to install malicious software detection software on them would end in failure.

The other problem is a legal one.  If you install detection software on a laptop owned by another company and that laptop is then found to impact the 'guests' corporate network upon his return to his company, this could lead to a very interesting legal situation.

Furthermore, you would be unable to detect a rootkit attack from observation alone.  They are very effective at disguising their presence.

The obvious answer would be to isolate these users into their own VLAN and use network monitoring to look for suspicious behaviour.

Snibborg
0
 
LVL 1

Author Comment

by:annasad
ID: 35155204
i do agree but sometime , some one is really good in google key words , and some one is experts in searching .... lets see this ...
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 1

Assisted Solution

by:androidx219
androidx219 earned 100 total points
ID: 35157285
Rootkits are very difficult to detect, and if the person is intelligent and knowledgeable about these kind of tools, then you are really left with little hope. The above solution of intrusion detection system should be very effective to avoid hacking attempts and of course keeping your own systems patched and updated.
On the other hand many hacking tools are detected and deleted by most of the antivirus, so in order for these tools to work, the person usually allows exceptions in antivirus software installed in his system. So a good start would be to check the exceptions part of his antivirus software. But this is NOT at all a fool proof method.
0
 
LVL 1

Author Comment

by:annasad
ID: 35179359
in my case , its not about hacker , not about very intelligent user , they are just a normal user as others , and also my guest network and corporate network are physically isolated , i just needed to see if they connect to my corporate network via network , nothing worst happen to my network .

Also i am not intended to deal with hacker and other stuff like that  
0
 
LVL 38

Expert Comment

by:younghv
ID: 35179460
annasad,
You have not responded to my comment here: http:#a35154978

If you expect further comments/advice, you need to respond.
0
 
LVL 11

Accepted Solution

by:
Snibborg earned 250 total points
ID: 35182489
I would recommend more control of your corporate networks swiches.  Disable all unused ports.  That way someone from outside cannot connect to your network without unplugging another workstation.

You can also control who accesses your network by refusing access via PC's that do not have a valid MAC address.

Both of these options would solve your security issues and force visitors to use their own network.  Basically, if you make it a bit difficult for them to access the corporate network they will connect via the easiest route - the guest network.

Snibborg
0
 
LVL 1

Author Closing Comment

by:annasad
ID: 35330563
may be i was not able to make above things in practical actions , but i developed some good understanding ...
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now