Radical
Im working through a ban list to stop any of my users downloading crap onto my machines like the smileycentral.com toolbar and stuff.
does anyone know some good 'advertising heavy' sites that I can use to collect ad-runner domains from?
BAH! I tell ya, the amount of time I spend taking spyware of peoples computers. fark. Id almost have time to read KB all day!
I only posted this because of the global economic crisis
Fair weather rider
Is it possible to block downloading of all 'executable' code. We do that and have never had any problems. also disableing third-party brower extentions as part of group policy would probably be a good idea.
Come warm yourself by the fire
best of luck boss - just had a play on the old mans lappy, there was even spyware in his 1GB ram???? overall he had over 1.5 gb of spyware and other nasties.......and half of that was microsoft based bulltaco.
Cant u stop the spyware from hitting the server with a nasty software based firewalll. Also i saw some servers that do a 5 min shutdown every night, and each computer does a quick scan just before it shuts down. its was quite good cos it ment if u were on the night shift you got a 30 min smoko at 12.
Reactor Online. Sensors Online. Weapons Online. All Systems Nominal.
McNoob
I use dansguardian/squid to stop all downloads/windowsupdates/etc etc etc
I add norton update (or whatever antivirus is running around here) to my whitelist.
if people REALLY want to get stuff thru then I force them to zip and password it.
Dansguardian unpacks non passworded zips
Fair weather rider
Try this hosts file:
http://www.mvps.org/winhelp2002/hosts.txt
Looks like it's updated regularly and it's by the MVPS.
Forum whore
Yep. that's it. What he said. Don't let them download ANYTHING that isn't on a whitelist. Or connect to any site that isn't specified in your firewwall rules (make sure you remember to allow full access from your OWN IP of course).Originally Posted by TerminalAddict
I use dansguardian/squid to stop all downloads/windowsupdates/etc etc etc
I add norton update (or whatever antivirus is running around here) to my whitelist.
if people REALLY want to get stuff thru then I force them to zip and password it.
Dansguardian unpacks non passworded zips
Then they can come and ask if they want something. And show why there's a business case for it. or offer suitable bribes.
You need to read more BOFH.
Come warm yourself by the fire
u running firefox? ive been using mozilla (and netscape before mozilla in 99), for a while. And i really dislike IE.
My computer doesnt let half the crap it used to when i first got win95.
Reactor Online. Sensors Online. Weapons Online. All Systems Nominal.
Radical
our servers never shut down. and our users ideally leave there workstations off at night.
but even with MS antispyware and adware and spybot and a few others. its often that I really just cant spend more than 2 hours removing stuff out of th registry manually because the anti-spywares wont get rid of it.
the 'no-executables' is a good idea. stop that crappy screensavers.com thing aswell. what was wrong with the good old SCR for fucks sake. mmmmm marquee.
I only posted this because of the global economic crisis
Radical
bah. more people posted before I had finished writing that
the problem is we are pretty leniant. we allow pretty much anything (except email sites) so a whitelist is a no-go. the hosts file was also one my my idea's but the boss wants to keep it centralized (ISA server)
Im definately going to see what I can do about downloading executables. also bear in mind I cant change any of the software on my servers. not in a position to do so at the moment
edit: no Im not moving 300 users to mozilla. I know its better but I would like to get some sleep at night. (for 1 our intranet hates it)
I only posted this because of the global economic crisis
Hardcore Biker
Rather than using a host file why not add the entries to your DNS master, you’ll only need to do this once. Also, Microsoft have some recommended corporate lock down settings, It'll be worth your while checking these and going through these with your boss. Mozillia does help in some cases, but it's still has issues of its own.bah. more people posted before I had finished writing that
the problem is we are pretty leniant. we allow pretty much anything (except email sites) so a whitelist is a no-go. the hosts file was also one my my idea's but the boss wants to keep it centralized (ISA server)
Im definately going to see what I can do about downloading executables. also bear in mind I cant change any of the software on my servers. not in a position to do so at the moment
edit: no Im not moving 300 users to mozilla. I know its better but I would like to get some sleep at night. (for 1 our intranet hates it)
Could be worth setting up a company internet proxy server, it's a good way of controlling where the users can't / shouldn't go. 300 users with unrestricted access sounds like a support nightmare!
It's not a beer pot.... It's a fuel tank for a sex machine
Trip of a life time http://www.buenosaires-caracas.com.ar/tours.html
Trip details here
Radical
YEAH MAN WE *cough,. sorry caps. yeah man we run an ISA proxy server. thats what im using to block domains and ip's etc.
but it runs other stuff so getting onto it and doing stuff is slow as shit. about 85% cpu usage at all times.
I blocked
*.smileycentral.com
*.doubleclick.net (.com)
*.imgfarm.com
*.advertising.com
and some other one I forgot.
those are proberly are biggest 5 (exluding the one I forgot) that we get
its a pity we dont look at more internet logs
I only posted this because of the global economic crisis
Forum whore
At our site we run websense... makes it harder to download programs than to get porn but hey, it kills the friggen advertising. Worth talking to someone at your work who can shell out the $$ for it. Highly reccomended.
Ffox is good but I can see why you don't want it, mabey wait a little for it to be refined more. Or there is some extension out there that can help.
In IE disable all the cookies and crap like that, take out activeX and Java etc etc you know the drill. As a LAST resort install 'teatimer' which comes with spybot (don't forget to immunise) and set teatimer up to automatically disallow any changes to the registry. Dunno how winoze will like it but.....
The windows permissions/corporate lockdown already said could help for the installation of stuff but it wont stop the nasties getting in, especially when micro$oft buys out Gator tech and takes it off the Antispyware definitions
Good luck fellow spyware hunter.
Forum whore
At our site we run websense... makes it harder to download programs than to get porn but hey, it kills the friggen advertising. Worth talking to someone at your work who can shell out the $$ for it. Highly reccomended.
Ffox is good but I can see why you don't want it, mabey wait a little for it to be refined more. Or there is some extension out there that can help.
In IE disable all the cookies and crap like that, take out activeX and Java etc etc you know the drill. As a LAST resort install 'teatimer' which comes with spybot (don't forget to immunise) and set teatimer up to automatically disallow any changes to the registry. Dunno how winoze will like it but
The windows permissions/corporate lockdown already said could help for the installation of stuff but it wont stop the nasties getting in, especially when micro$oft buys out Gator tech and takes it off the Antispyware definitions
Good luck fellow spyware hunter.
I use Teatimer. Is good, doesn't upset windows, but might be a problem if you allow the lusers to install stuff. Not that you should, lock 'em down tight.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote
Bookmarks