[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 431
  • Last Modified:

Spot check in Laptops

my question is this , how i can check one person laptop if there is no malicious stuff/hacking software in laptop . the laptops comes to me and i have to verify that they are safe and they do not contain any software which can be used to hack the network or in means to the network , usually they are guest users who used to connect only to guest network , not my corporate network , but still i have to ensure if they connect to my LAN , nothing bad can happen to network and network is not open for them  .

I welcome both ways ...

checking by Tools to see which software a laptop does have

and by checking manually going throw add and remove , as thats not very effective as many software are double click and run , of if some tool which i dont have to install on the guest laptops , and i can just run to verify installed programs /Exes in laptops .


0
annasad
Asked:
annasad
  • 3
  • 3
  • 2
  • +2
5 Solutions
 
younghvCommented:
@rikin_shah,
Please don't post bare hyperlinks in questions and only post in questions where you have actual knowledge to the topic being discussed.

It is a fair assumption that everyone knows how to do a Google search, so no one needs to post the results of same.
0
 
younghvCommented:
annasad,
What you are asking borders on the impossible - simply because there is no way to know what every executable file on any computer is really going to do.

The worst kind of malware could be renamed "excel.exe" and you would overlook it in any kind of visual search.

What you can ensure is that all computers are fully patched/updated for Operating Systems and that they have a legitimate Anti-Virus program updated, running, and that you personally run a scan of that system.

Your real protection is going to be having some kind of network monitoring program screening the traffic from your "Guest Network" to your Corporate Network.

Are you now running any kind of "Intrusion Detection Service" (IDS).
(http://en.wikipedia.org/wiki/Intrusion_detection_system)
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
SnibborgOwnerCommented:
The problem youare likely to come across is that most 'guests' bring in corporate laptops of their own.  These laptops are almost always locked down, so any attempts to install malicious software detection software on them would end in failure.

The other problem is a legal one.  If you install detection software on a laptop owned by another company and that laptop is then found to impact the 'guests' corporate network upon his return to his company, this could lead to a very interesting legal situation.

Furthermore, you would be unable to detect a rootkit attack from observation alone.  They are very effective at disguising their presence.

The obvious answer would be to isolate these users into their own VLAN and use network monitoring to look for suspicious behaviour.

Snibborg
0
 
annasadAuthor Commented:
i do agree but sometime , some one is really good in google key words , and some one is experts in searching .... lets see this ...
0
 
androidx219Commented:
Rootkits are very difficult to detect, and if the person is intelligent and knowledgeable about these kind of tools, then you are really left with little hope. The above solution of intrusion detection system should be very effective to avoid hacking attempts and of course keeping your own systems patched and updated.
On the other hand many hacking tools are detected and deleted by most of the antivirus, so in order for these tools to work, the person usually allows exceptions in antivirus software installed in his system. So a good start would be to check the exceptions part of his antivirus software. But this is NOT at all a fool proof method.
0
 
annasadAuthor Commented:
in my case , its not about hacker , not about very intelligent user , they are just a normal user as others , and also my guest network and corporate network are physically isolated , i just needed to see if they connect to my corporate network via network , nothing worst happen to my network .

Also i am not intended to deal with hacker and other stuff like that  
0
 
younghvCommented:
annasad,
You have not responded to my comment here: http:#a35154978

If you expect further comments/advice, you need to respond.
0
 
SnibborgOwnerCommented:
I would recommend more control of your corporate networks swiches.  Disable all unused ports.  That way someone from outside cannot connect to your network without unplugging another workstation.

You can also control who accesses your network by refusing access via PC's that do not have a valid MAC address.

Both of these options would solve your security issues and force visitors to use their own network.  Basically, if you make it a bit difficult for them to access the corporate network they will connect via the easiest route - the guest network.

Snibborg
0
 
annasadAuthor Commented:
may be i was not able to make above things in practical actions , but i developed some good understanding ...
0

Featured Post

[Webinar] Kill tickets & tabs using PowerShell

Are you tired of cycling through the same browser tabs everyday to close the same repetitive tickets? In this webinar JumpCloud will show how you can leverage RESTful APIs to build your own PowerShell modules to kill tickets & tabs using the PowerShell command Invoke-RestMethod.

  • 3
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now