Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Spot check in Laptops

Posted on 2011-03-16
10
Medium Priority
?
423 Views
Last Modified: 2013-12-06
my question is this , how i can check one person laptop if there is no malicious stuff/hacking software in laptop . the laptops comes to me and i have to verify that they are safe and they do not contain any software which can be used to hack the network or in means to the network , usually they are guest users who used to connect only to guest network , not my corporate network , but still i have to ensure if they connect to my LAN , nothing bad can happen to network and network is not open for them  .

I welcome both ways ...

checking by Tools to see which software a laptop does have

and by checking manually going throw add and remove , as thats not very effective as many software are double click and run , of if some tool which i dont have to install on the guest laptops , and i can just run to verify installed programs /Exes in laptops .


0
Comment
Question by:annasad
  • 3
  • 3
  • 2
  • +2
10 Comments
 
LVL 20

Assisted Solution

by:Rikin Shah
Rikin Shah earned 400 total points
ID: 35153908
0
 
LVL 38

Expert Comment

by:younghv
ID: 35154950
@rikin_shah,
Please don't post bare hyperlinks in questions and only post in questions where you have actual knowledge to the topic being discussed.

It is a fair assumption that everyone knows how to do a Google search, so no one needs to post the results of same.
0
 
LVL 38

Assisted Solution

by:younghv
younghv earned 200 total points
ID: 35154978
annasad,
What you are asking borders on the impossible - simply because there is no way to know what every executable file on any computer is really going to do.

The worst kind of malware could be renamed "excel.exe" and you would overlook it in any kind of visual search.

What you can ensure is that all computers are fully patched/updated for Operating Systems and that they have a legitimate Anti-Virus program updated, running, and that you personally run a scan of that system.

Your real protection is going to be having some kind of network monitoring program screening the traffic from your "Guest Network" to your Corporate Network.

Are you now running any kind of "Intrusion Detection Service" (IDS).
(http://en.wikipedia.org/wiki/Intrusion_detection_system)
0
Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

 
LVL 11

Assisted Solution

by:Snibborg
Snibborg earned 1000 total points
ID: 35155078
The problem youare likely to come across is that most 'guests' bring in corporate laptops of their own.  These laptops are almost always locked down, so any attempts to install malicious software detection software on them would end in failure.

The other problem is a legal one.  If you install detection software on a laptop owned by another company and that laptop is then found to impact the 'guests' corporate network upon his return to his company, this could lead to a very interesting legal situation.

Furthermore, you would be unable to detect a rootkit attack from observation alone.  They are very effective at disguising their presence.

The obvious answer would be to isolate these users into their own VLAN and use network monitoring to look for suspicious behaviour.

Snibborg
0
 
LVL 1

Author Comment

by:annasad
ID: 35155204
i do agree but sometime , some one is really good in google key words , and some one is experts in searching .... lets see this ...
0
 
LVL 1

Assisted Solution

by:androidx219
androidx219 earned 400 total points
ID: 35157285
Rootkits are very difficult to detect, and if the person is intelligent and knowledgeable about these kind of tools, then you are really left with little hope. The above solution of intrusion detection system should be very effective to avoid hacking attempts and of course keeping your own systems patched and updated.
On the other hand many hacking tools are detected and deleted by most of the antivirus, so in order for these tools to work, the person usually allows exceptions in antivirus software installed in his system. So a good start would be to check the exceptions part of his antivirus software. But this is NOT at all a fool proof method.
0
 
LVL 1

Author Comment

by:annasad
ID: 35179359
in my case , its not about hacker , not about very intelligent user , they are just a normal user as others , and also my guest network and corporate network are physically isolated , i just needed to see if they connect to my corporate network via network , nothing worst happen to my network .

Also i am not intended to deal with hacker and other stuff like that  
0
 
LVL 38

Expert Comment

by:younghv
ID: 35179460
annasad,
You have not responded to my comment here: http:#a35154978

If you expect further comments/advice, you need to respond.
0
 
LVL 11

Accepted Solution

by:
Snibborg earned 1000 total points
ID: 35182489
I would recommend more control of your corporate networks swiches.  Disable all unused ports.  That way someone from outside cannot connect to your network without unplugging another workstation.

You can also control who accesses your network by refusing access via PC's that do not have a valid MAC address.

Both of these options would solve your security issues and force visitors to use their own network.  Basically, if you make it a bit difficult for them to access the corporate network they will connect via the easiest route - the guest network.

Snibborg
0
 
LVL 1

Author Closing Comment

by:annasad
ID: 35330563
may be i was not able to make above things in practical actions , but i developed some good understanding ...
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question