Ya, what Greg Donald said, put a good frontline firewall in (pfsense, Untangle, Endian) and let the windows box spew it's warnings.. :)
On Wed, May 6, 2009 at 8:59 AM, Greg Donald <gdon...@gmail.com> wrote: > > On Wed, May 6, 2009 at 8:37 AM, Drew <cothar...@gmail.com> wrote: >> Yeah, it's off topic. However, in my experience the amount of knowledge >> readily available on this list is huge, and I have a lot of respect for most >> of the opinions expressed in matters technical here. But lets suppose, that >> even though we've taken reasonable steps to ensure that windows machines on >> our network are not compromised, the powers that be still "want to make >> sure" that nothing has happened to any of them. Short of reinstalling >> machines just because, or getting rid of them and having everyone use linux, >> what's the best way to make certain a windows machine is not compromised? To >> rephrase, what is the best (free or otherwise) software package to use to >> check for spyware, malware, viruses, keyloggers, and other nefarious schemes >> to take over the world that may be brewing on a windows computer? Thanks for >> the feedback. > > > I find my firewall is a good tool for detecting an 0wned windows box. > I run my firewall with a default block all rule first then only open > ports as required. A compromised windows box will usually try to spew > mail outbound or something similar, pretty easy to see in the firewall > logs. > > I wouldn't rely on any sort of virus or malware protection tool on the > windows box itself to tell me the truth, smart viruses disable such > things. Look at what the box is actually doing on the network > outbound, it wouldn't get 0wned just to sit there. > > > > -- > Greg Donald > http://destiney.com/ > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~----------~----~----~----~------~----~------~--~---