[OPLINTECH] spyware & malware
Philip Robinette
robineph@oplin.org
Wed, 6 Oct 2004 18:42:20 -0400
This is a multi-part message in MIME format.
------=_NextPart_000_004F_01C4ABD4.361A82A0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Greetings Chris,
Jim Kenzig posted a useful summary of techniques in this forum on June =
30. I would only add that XP Service Pack 2 has added several security =
features, including the default-on Windows Firewall, the Internet =
Explorer Add-ons Manager, and Data Execution Prevention. And that no =
one should browse the Internet as a user with administrative privileges.
Franklin Library
----- Original Message -----=20
From: Chris Zurbuchen=20
To: oplintech@oplin.org=20
Sent: Wednesday, October 06, 2004 11:00 AM
Subject: [OPLINTECH] spyware & malware
Hello,
We are planning an XP & Office 2003 roll out to replace NT 4.0 and =
Office 2000 on our 350+ staff workstations. We have Windows 2003 on our =
server. Several of our staff workstation's browsers (IE) have been =
hijacked with malware. How are you preventing spyware at your =
locations? What tools are you using? Any help is appreciated. Thanks,
ChrisZ
=20
Chris Zurbuchen
Microcomputer Specialist
Dayton Metro Library
215 E. Third Street
Dayton, Oh 45402
937.227.9500 x303
chrisz@DaytonMetroLibrary.org
=20
=20
------=_NextPart_000_004F_01C4ABD4.361A82A0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML xmlns=3D"http://www.w3.org/TR/REC-html40" xmlns:o =3D=20
"urn:schemas-microsoft-com:office:office" xmlns:w =3D=20
"urn:schemas-microsoft-com:office:word" xmlns:st1 =3D=20
"urn:schemas-microsoft-com:office:smarttags"><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2800.1458" name=3DGENERATOR><o:SmartTagType =
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"=20
name=3D"Street"></o:SmartTagType><o:SmartTagType=20
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"=20
name=3D"address"></o:SmartTagType><o:SmartTagType=20
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"=20
name=3D"City"></o:SmartTagType><o:SmartTagType=20
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"=20
name=3D"place"></o:SmartTagType><!--[if !mso]>
<STYLE>st1\:* {
BEHAVIOR: url(#default#ieooui)
}
</STYLE>
<![endif]-->
<STYLE>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:Arial;
color:windowtext;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
-->
</STYLE>
</HEAD>
<BODY lang=3DEN-US vLink=3Dpurple link=3Dblue bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>Greetings Chris,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Jim Kenzig posted a useful summary of =
techniques in=20
this forum on June 30. I would only add that XP Service Pack 2=20
has added several security features, including the default-on =
Windows=20
Firewall, the Internet Explorer Add-ons Manager, and Data Execution=20
Prevention. And that no one should browse the Internet =
as a user=20
with administrative privileges.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Franklin Library</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style=3D"FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV=20
style=3D"BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: =
black"><B>From:</B>=20
<A title=3DChrisZ@daytonmetrolibrary.org=20
href=3D"mailto:ChrisZ@daytonmetrolibrary.org">Chris Zurbuchen</A> =
</DIV>
<DIV style=3D"FONT: 10pt arial"><B>To:</B> <A =
title=3Doplintech@oplin.org=20
href=3D"mailto:oplintech@oplin.org">oplintech@oplin.org</A> </DIV>
<DIV style=3D"FONT: 10pt arial"><B>Sent:</B> Wednesday, October 06, =
2004 11:00=20
AM</DIV>
<DIV style=3D"FONT: 10pt arial"><B>Subject:</B> [OPLINTECH] spyware =
&=20
malware</DIV>
<DIV><BR></DIV>
<DIV class=3DSection1>
<P class=3DMsoNormal><FONT face=3DArial size=3D2><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
Arial">Hello,<o:p></o:p></SPAN></FONT></P>
<P class=3DMsoNormal><FONT face=3DArial size=3D2><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial">We are planning an XP =
& Office=20
2003 roll out to replace NT 4.0 and Office 2000 on our 350+ staff=20
workstations. We have Windows 2003 on our server. Several =
of our=20
staff workstation=92s browsers (IE) have been hijacked with =
malware. How=20
are you preventing spyware at your locations? What tools are you =
using? Any help is appreciated. =20
Thanks,<o:p></o:p></SPAN></FONT></P>
<P class=3DMsoNormal><FONT face=3DArial size=3D2><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
Arial">ChrisZ<o:p></o:p></SPAN></FONT></P>
<P class=3DMsoNormal><FONT face=3DArial size=3D2><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
Arial"><o:p> </o:p></SPAN></FONT></P>
<P class=3DMsoNormal><FONT face=3DArial size=3D2><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial">Chris=20
Zurbuchen<o:p></o:p></SPAN></FONT></P>
<P class=3DMsoNormal><FONT face=3DArial size=3D2><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial">Microcomputer=20
Specialist<o:p></o:p></SPAN></FONT></P>
<P class=3DMsoNormal><st1:City w:st=3D"on"><st1:place =
w:st=3D"on"><FONT face=3DArial=20
size=3D2><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
Arial">Dayton</SPAN></FONT></st1:place></st1:City><FONT=20
face=3DArial size=3D2><SPAN style=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
Arial"> Metro=20
Library<o:p></o:p></SPAN></FONT></P>
<P class=3DMsoNormal><st1:Street w:st=3D"on"><st1:address =
w:st=3D"on"><FONT=20
face=3DArial size=3D2><SPAN style=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
Arial">215 E.=20
Third Street</SPAN></FONT></st1:address></st1:Street><FONT =
face=3DArial=20
size=3D2><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
Arial"><o:p></o:p></SPAN></FONT></P>
<P class=3DMsoNormal><st1:City w:st=3D"on"><st1:place =
w:st=3D"on"><FONT face=3DArial=20
size=3D2><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
Arial">Dayton</SPAN></FONT></st1:place></st1:City><FONT=20
face=3DArial size=3D2><SPAN style=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
Arial">, Oh=20
45402<o:p></o:p></SPAN></FONT></P>
<P class=3DMsoNormal><FONT face=3DArial size=3D2><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial">937.227.9500=20
x303<o:p></o:p></SPAN></FONT></P>
<P class=3DMsoNormal><FONT face=3DArial size=3D2><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial"><A=20
=
href=3D"mailto:chrisz@DaytonMetroLibrary.org">chrisz@DaytonMetroLibrary.o=
rg</A><o:p></o:p></SPAN></FONT></P>
<P class=3DMsoNormal><FONT face=3DArial size=3D2><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
Arial"><o:p> </o:p></SPAN></FONT></P>
<P class=3DMsoNormal><FONT face=3DArial size=3D2><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial"> =20
<o:p></o:p></SPAN></FONT></P></DIV></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_004F_01C4ABD4.361A82A0--