LGroup1
Best Ways To Prevent Rogue Antivirus Infections, Outbreaks ...
What are the best ways to prevent the various Rogue Antivirus infections? Does removing local Admin rights for users completely solve the problem? Assuming the users have training but are still non-technical users, is it more difficult to get these infections when using Vista or Windows 7 compared to WinXP, where all installations run as the local user account? What are the other Suggested Best Practices to avoid these types of infections?
TIA ...
EW
ASKER
This particular site has everything that you mentioned (e.g. IDS/IPS, AV, anti-spyware, firewall, etc.), and also does User Training, but the Rogue Antivirus is apparently installed when users click on infected links during web browsing (i.e. SEO infections), and the IDS/IPS and other defenses do not effectively protect against that. The malware products are also in place, but have varying degrees of success against this constantly evolving (and difficult to thoroughly clean) piece of malware. So at this site they too only occasionally get hit (considering there are 100s of users), but when they do get hit it is often a difficult process to fix. I wanted to find out what measures others are (effectively) using to protect against these specific types of infections ...
EW>
ASKER
Good info! Thank you everybody!
Second, get a good anti-malware product. There are about as many opinions as to what that ought to be as there are people answering questions. Assuming you're in a work environment, develop a multi-tiered approach to protection. In our environment we have a hardware-based firewall, an IDS/IDP device, we filter our email and our web access, and run a corporate level anti-malware product. And even with that, we still occasionally get hit. But as good as I think the protection is, I really believe that things have improved mostly because of user education.