6.6 Countermeasures

Trojan Countermeasures

  • Avoid opening email attachments received from unknown senders.
  • Block all unnecessary ports at the hosts and firewall.
  • Avoid accepting the programs transferred by instant messaging.
  • Harden weak, default configuration settings and disable unused functionality including protocols and services.
  • Monitor the internal network traffic for odd ports or encrypted traffic.
  • Avoid downloading and executing applications from untrusted sources.
  • Install patches and security updates for the operating systems and applications.
  • Scan CDs and DVDs with antivirus software before using.
  • Restrict permissions within the desktop environment to prevent malicious applications installation.
  • Avoid typing the commands blindly and implementing pre-fabricated programs or scripts.
  • Manage local workstation file integrity through checksums, auditing, and port scanning.
  • Run host-based antivirus, firewall, and intrusion detection software.

Backdoor Countermeasures

  • Most commercial anti-virus products can automatically scan and detect backdoor programs before they can cause damage.
  • Educate users not to install applications downloaded from untrusted Internet sites and email attachments.
  • Use anti-virus tools such as McAfee, Norton, etc. to detect and eliminate backdoors.

Virus and Worms Countermeasures

  • Install anti-virus software that detects and removes infections as they appear.
  • Generate an anti-virus policy for safe computing and distribute it to the staff.
  • Pay attention to the instructions while downloading files or any programs from the Internet.
  • Update the anti-virus software regularly.
  • Avoid opening the attachments received from an unknown sender as viruses spread via e-mail attachments.
  • Possibility of virus infection may corrupt data, thus regularly maintain data back up.
  • Schedule regular scans for all drives after the installation of anti-virus software.
  • Do not accept disks or programs without checking them first using a current version of an anti-virus program.
  • Ensure the executable code sent to the organization is approved.
  • Do not boot the machine with infected bootable system disk.
  • Know about the latest virus threats.
  • Check the DVDs and CDs for virus infection.
  • Ensure the pop-up blocker is turned on and use an Internet firewall.
  • Run disk clean up, registry scanner and defragmentation once a week.
  • Turn on the firewall if the OS used is Windows XP.
  • Run anti-spyware or adware once in a week.
  • Do not open the files with more than one file type extension.
  • Be cautious with the files being sent through the instant messenger.

results matching ""

    No results matching ""