
Sunday November 22nd, 2009

 

More Windows Security FAQs and Tools

**Important**

TruSecure Hot or Not
This site digests the latest technical bulletins into simple explanations.

Important UCI Security tools and resources

UCINet Support Tools

Patching and Updates

Important industry resources

For a comprehensive list of things to do when setting up a new desktop or server you may look at this Windows Security Primer.

Forensic and Vulnerability Tools - Foundstone has a complete set of tools for testing and assessing your local network. Look under Resources and then Free Tools. **Misuse of these tools can be very serious. You may want to be cautious about using them outside your local subnets as misuse can get you in trouble.**

Defensive Measures - Defense in Depth is the best approach to staying secure. You can look for more information here.

SANS Intrusion Detection FAQs

 

What to do if your system has been broken into or infected with a virus:

  1. You must NOT ignore the system.  Properly mark it so no one else uses it.

  2. If you are not sure about its behavior, you should contact your local support person for more assistance.

  3. Your best source of information about current worms, viruses or attacks will be shown on NACS's home page.

  4. If you are sure your system has been infected or compromised then you should disconnect it from the network.

  5. Further work can continue offline without causing issues for others on your local network.

  6. You should verify that your system has been patched properly and its antivirus software is up to date.

  7. If updates are required then download them on another system and copy them to a CD or floppy for transfer to the affected PC. 

  8. A system that was taken over by an outside source ALWAYS needs to be formatted and rebuilt.

  9. Most of today's viruses and worms leave back doors and holes to be exploited later, so utmost consideration should be given to removing all data from the system and formatting it. There is NO OTHER WAY in most cases to clean a system so that reinfection doesn't occur.

  10. All systems need to be built offline with no network access.  You may use a desktop router to do this securely.

  11. If the affected system may be subject to privacy rules, please notify your local support group immediately!