Network administrators: a three-pronged approach of "prevention, treatment, and education"



Although malicious software harms individual computer users, a local area network administrator still needs to pay attention to it, prevent it, and control it.

Should it be managed?

Some malicious software may even be somewhat useful, and when it does cause harm, the harm falls only on individual users of the local area network. So does the network administrator still need to worry about this issue? The answer is yes.

First, when malicious software disrupts users' work and they turn to the network administrator for help, the administrator must step in and resolve the problem as quickly as possible; that is part of the job.

Second, some malicious software silently seizes system resources, or conflicts with other software and causes system instability, undermining the "availability" emphasized in information security management. This is something the network administrator needs to deal with.

Third, some malicious software secretly collects users' online spending habits, accounts and passwords without ordinary users noticing. This requires an experienced, well-informed network administrator to take the initiative to alert users and help them control it.

Can it be managed?

In dealing with malicious software, a network administrator's technical methods may not be much smarter than those of many users. What advantages, then, do administrators have in managing malicious software? They come down to the following three points:

First, network administrators have an advantage in information security technology and information. They have a more comprehensive and in-depth understanding of malicious software and a lot of experience dealing with it. Ordinary users who try to force a repair themselves sometimes make the situation worse, whereas a network administrator who steps in can usually apply the right remedy.

Second, network administrators have the authority to design policies and to enforce them. They can use policy-setting, inspection, incentives and a range of other management tools to constrain users' online behavior and so guard against malicious software in the first place.

Third, network administrators can play a coordinating role across the network. When they centrally issue tools, warning notices and repair notices, the work is more efficient and the results are better than when each user acts alone.

The first measure: Education first

With the questions of "should it be managed" and "can it be managed" settled, we should consider "how to manage it". In managing malicious software, network administrators should start by strengthening users' information security education, because this is the fundamental way to deal with malicious software.

Training users in self-protection awareness teaches them to browse and operate carefully and to avoid online traps, sparing them the pain of an infection that cannot be completely removed afterward. And when information security knowledge wins users over through education, they regulate their own behavior voluntarily, which is far simpler than constraining them with rules.

Relevant security education should at least include the following:

(1) Do not visit disreputable sites of any kind, because they are likely to carry various types of viruses and malicious software.

(2) Do not download unfamiliar software, especially shared software whose source cannot be trusted. After all, there is no free lunch.

(3) When installing software, carefully read the user agreement and the user instructions included with it.

(4) While installing software, watch what the installer prompts at each step. Do not click "Confirm" all the way through and end up mistakenly installing malicious software that you did not want.

(5) The network administrator should compile a list of software that is commonly bundled with malicious software, together with the tricks used, for users' reference as active prevention, and cite some vivid cases to educate users.

(6) The network administrator should also publish a blacklist of software that behaves maliciously, to remind users to take particular care not to install it.

The second measure: Prior restraint

Education comes first, but in an environment with no constraints at all, not everyone is self-disciplined. Appropriate policies, properly enforced, therefore inoculate all users and act as a protective umbrella.

Policy measures to consider include the following:

(1) Add provisions on malicious software to the Internet behavior management policy, and constrain users with a dedicated Internet behavior management tool or with manual management based on random inspections, so that users do not browse in violation of the policy and stay away from malicious software, particularly malicious software that poses a real security risk.

(2) Strengthen endpoint security management: deploy dedicated endpoint security management software across the network for centralized management, or use manual management based on random inspections, to constrain users' software installation behavior and prevent them from installing malicious software on their computers, intentionally or unintentionally.

The third measure: Technology Control

If "user security awareness education" and "binding rules and regulations" are done properly, the work becomes more effective and more than half of malicious software intrusion events can be avoided. However, on a LAN some things always slip past the rules, and careless users will still get "hit" while online. Network administrators must therefore also put thought into technical controls.

"Prevention": apply multiple technical protection measures in advance. "Treatment": once users have fallen victim, help them repair the damage as soon as possible to minimize the loss.

These technical means of prevention and treatment include:

(1) Install software with immunization features for users, or configure the browser's blocking settings accordingly, or have users switch to Firefox or another browser that copes better with malicious software, as defense in advance.

(2) Install network editions of antivirus software, personal firewalls and similar products on all endpoints and hosts in a unified way, and use distribution, deployment and centralized management tools to establish an effective mechanism for prevention and removal.

(3) When a user has been "caught" by malicious software, use commercial dedicated removal tools, free dedicated removal tools, or the malicious software removal tool that comes with Windows to quickly identify the problem and repair it.

Whether to choose a commercial removal tool, a free one, or the one that comes with the operating system depends on the conditions of the organization's local area network. The removal work can be done by the network administrator, or by the user under the network administrator's guidance.

(4) Another way is to remove the malicious software manually: find the software's process or service, stop it in Task Manager, and then delete the corresponding files.

Six steps of in-depth malicious software protection for enterprise network hosts

When malicious software reaches the host, the protection system must focus on protecting the host system and its data. This protection is just as important as physical protection and network protection in the environment. For malicious software protection on enterprise network clients, follow these steps:

Step 1: Apply security updates. The host operating system must be patched continuously to close vulnerabilities.

Step 2: Enable a host-based firewall. A host-based or personal firewall is an important protective layer on the client that should be enabled, especially on portable computers that users may take outside the organization's usual physical and network protection. The firewall filters all data attempting to enter or leave a particular host.

Step 3: Install antivirus software. One approach to consider is using antivirus software from different vendors for the organization's clients, servers and network protection. Scanning these different areas of the infrastructure with different scan engines should help strengthen the overall protection.

Step 4: Scan the system for vulnerabilities. After a system has been configured, it should be checked periodically to ensure that no security holes remain.

Step 5: Use a least-privilege policy. To reduce risk as far as possible, the privileges that users hold should be kept to the minimum they may need.

Step 6: Restrict unauthorized applications. Unauthorized applications should be restricted as far as possible; network administrators can use Windows Group Policy to prevent users from running unauthorized software.
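
A read-only audit of the steps above that can be checked from local state (steps 1, 2, 3, 5 and 6), as an added example that is not part of the original article; step 4 is omitted because a vulnerability scan is run with a separate scanner. It assumes a Windows 10/11 client, an elevated PowerShell session, and that AppLocker is the Group Policy mechanism used for step 6; the 45-day patch threshold is an illustrative value.

```powershell
# Added example: read-only audit of host-protection steps 1, 2, 3, 5 and 6.
# Assumptions: Windows 10/11 client, elevated session, AppLocker used for step 6.
$maxPatchAgeDays = 45            # illustrative threshold; match your patch cycle
$report = [ordered]@{}

# Step 1: security updates. Date of the most recently installed hotfix.
$lastFix = Get-HotFix | Where-Object { $_.InstalledOn } |
    Sort-Object InstalledOn -Descending | Select-Object -First 1
if ($lastFix -and $lastFix.InstalledOn -gt (Get-Date).AddDays(-$maxPatchAgeDays)) {
    $report['Step 1 updates'] = "OK, last hotfix $($lastFix.HotFixID) on $($lastFix.InstalledOn.ToString('yyyy-MM-dd'))"
} else {
    $report['Step 1 updates'] = "REVIEW, no hotfix recorded in the last $maxPatchAgeDays days"
}

# Step 2: host-based firewall. Every profile (Domain, Private, Public) should be on.
$disabled = @(Get-NetFirewallProfile | Where-Object { [string]$_.Enabled -ne 'True' })
if ($disabled.Count -eq 0) {
    $report['Step 2 firewall'] = 'OK, all profiles enabled'
} else {
    $report['Step 2 firewall'] = "REVIEW, disabled profiles: $($disabled.Name -join ', ')"
}

# Step 3: antivirus. Products registered with Windows Security Center (client OS only).
$av = @(Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName AntiVirusProduct -ErrorAction SilentlyContinue)
if ($av.Count -gt 0) {
    $report['Step 3 antivirus'] = "Registered: $($av.displayName -join ', ')"
} else {
    $report['Step 3 antivirus'] = 'REVIEW, no antivirus product registered'
}

# Step 5: least privilege. List who holds local administrator rights (well-known SID).
$admins = @(Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction SilentlyContinue)
$report['Step 5 least privilege'] = "$($admins.Count) local administrator(s): $($admins.Name -join ', ')"

# Step 6: unauthorized applications. Effective AppLocker rule collections and their mode.
$rules = @((Get-AppLockerPolicy -Effective -ErrorAction SilentlyContinue).RuleCollections |
    Where-Object { $_.Count -gt 0 })
if ($rules.Count -gt 0) {
    $report['Step 6 applications'] = ($rules | ForEach-Object { "$($_.RuleCollectionType)=$($_.EnforcementMode)" }) -join ', '
} else {
    $report['Step 6 applications'] = 'REVIEW, no effective AppLocker rules'
}

[pscustomobject]$report | Format-List
```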