Currently it is very important to be monitoring traffic exiting your network to be able to detect remote access trojans that have not been detected by your anti virus .
I suggest restricting all out bound traffic from the desktop and inspecting proxy logs as well as web content management.
If you are a high risk target white listing only approved business web sites may be an option. You can always set up an internet cafe for users to surf fairly un restricted .
Without some of these restrictions it is too easy for the bad guys to write up a custom trojan (or just modify an existing one slightly )and slip it through your defences through a stored XSS in a trusted web site or even social engineer it through in a password protected zip file .
Google – Trying very hard NOT to be EVIL!?
12 hours ago
0 comments:
Post a Comment