t in the future), but it’s not our primary focus.
>>
>>
>>
>> But simply: If you’re not worried about content filtering (which has its
>> limitations anyway in DNS, since you can only block a domain, not a full
>> URL), then ClearCloud is better. If you want content f
manually, its like 10 bucks a year, that's all of two drinks at the bar, no
biggie.
Phillip Partipilo
Parametric Solutions Inc.
Jupiter, Florida
(561) 747-6107
Hey, what bar is selling drinks that cheap.at least alcoholic drinks?
Murray
~ Finally, powerful endpoint security that ISN'
ohn.hornbuc...@taylor.k12.fl.us> wrote:
>
>> Trying it now. Love the concept—let’s see if it helps. :)
>>
>>
>>
>>
>>
>>
>>
>> *From:* Alex Eckelberry [mailto:al...@sunbelt-software.com]
>> *Sent:* Wednesday, September 15, 2010 12:58
s
> Subject: Re: #*&$&% "Security Tools" Malware
>
> On 15 Sep 2010 at 14:45, Alex Eckelberry wrote:
>
> > In my discussions with Malwarebytes, they have indicated that they are
> > ok with the use of Malwarebytes in a commercial environment for a
> &g
On 16 Sep 2010 at 6:27, John Hornbuckle wrote:
> What happens is that they go to some website that pops up a browser
> window that´s designed to look like the window of an antivirus app. They
> actually do a pretty good job-it can fool the average user easily. Anyhow,
> the animation in the w
Partipilo
Parametric Solutions Inc.
Jupiter, Florida
(561) 747-6107
-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
Sent: Thursday, September 16, 2010 3:45 PM
To: NT System Admin Issues
Subject: RE: #*&$&% "Security Tools" Malware
Yep. I als
, September 16, 2010 3:42 PM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware
I use DynDNS, but not for that service. Generally, I've been happy with
their overall service for over 7 years now. Probably not a bad deal.
ASB (My XeeSM Profile)
Exploiting
06 PM
To: NT System Admin Issues
Subject: RE: #*&$&% "Security Tools" Malware
OK, I "installed" Clearcloud DNS on my laptop at home, and it blocked my
ability to print to my wireless printers. So, I reversed those DNS settings and
I could print again. So, I then setup Cl
for their content and site blocking. Not a lot of detail on their web
> site.
>
>
>
>
> --
>
> *From:* Andrew S. Baker [mailto:asbz...@gmail.com]
> *Sent:* Thursday, September 16, 2010 12:40 PM
>
> *To:* NT System Admin Issues
web
site.
From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Thursday, September 16, 2010 12:40 PM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware
OpenDNS also offers FamilyShield: https://www.opendns.com/f
>> On Thu, Sep 16, 2010 at 6:27 AM, John Hornbuckle <
>>> john.hornbuc...@taylor.k12.fl.us> wrote:
>>>
>>>> Trying it now. Love the concept—let’s see if it helps. :)
>>>>
>>>>
>>>>
>>>>
>>>>
>>
I believe that it's by IP, but I'll check.
Murray
_
From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Thursday, September 16, 2010 11:17 AM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware
Clearly, your wireless printer is mali
One is a HP Deskjet 960 and the other is a HP Photosmart D110.
Murray
_
From: Richard Stovall [mailto:rich...@gmail.com]
Sent: Thursday, September 16, 2010 11:21 AM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware
Dollars to donuts t
filtering (which has its
> limitations anyway in DNS, since you can only block a domain, not a full
> URL), then ClearCloud is better. If you want content filtering, use OpenDNS.
>
>
>
>
>
> Alex
>
>
>
>
>
> *From:* Andrew S. Baker [mailto:asbz...@gmail.com]
gt;> DNS settings, and I could print again. What's going on?
>>
>> Murray
>>
>> --
>> *From:* Alex Eckelberry [mailto:al...@sunbelt-software.com]
>> *Sent:* Thursday, September 16, 2010 10:24 AM
>>
>> *To:* NT System Admin Issues
>> *Subj
isco Ironport, Nominum are all customers of our ThreatTrack malicious data
> feeds.
>
>
>
> Alex
>
>
>
>
>
> *From:* Andrew S. Baker [mailto:asbz...@gmail.com]
> *Sent:* Thursday, September 16, 2010 9:38 AM
> *To:* NT System Admin Issues
> *Subject:* Re: #*&
ttings, and I could print again. What's going on?
>
> Murray
>
> --
> *From:* Alex Eckelberry [mailto:al...@sunbelt-software.com]
> *Sent:* Thursday, September 16, 2010 10:24 AM
>
> *To:* NT System Admin Issues
> *Subject:* RE: #*&$
d by a lot of vendors. Bluecoat networks,
> Cisco Ironport, Nominum are all customers of our ThreatTrack malicious data
> feeds.
>
>
>
> Alex
>
>
>
>
>
> *From:* Andrew S. Baker [mailto:asbz...@gmail.com]
> *Sent:* Thursday, September 16, 2010 9:38 AM
&
rsed those
DNS settings, and I could print again. What's going on?
Murray
_
From: Alex Eckelberry [mailto:al...@sunbelt-software.com]
Sent: Thursday, September 16, 2010 10:24 AM
To: NT System Admin Issues
Subject: RE: #*&$&% "Security Tools" Malware
Yes. We hav
[mailto:asbz...@gmail.com]
Sent: Thursday, September 16, 2010 9:38 AM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware
Hey, Alex
Have you thought about working with the OpenDNS folks to provide enhanced
website security for their service?
This would be a bene
has its
limitations anyway in DNS, since you can only block a domain, not a full URL),
then ClearCloud is better. If you want content filtering, use OpenDNS.
Alex
From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Thursday, September 16, 2010 8:24 AM
To: NT System Admin Issues
Subject
I have asked and they said they would put that up.
-Original Message-
From: Angus Scott-Fleming [mailto:angu...@geoapps.com]
Sent: Thursday, September 16, 2010 1:54 AM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware
On 15 Sep 2010 at 14:4
siness Advantage...*
* *
On Wed, Sep 15, 2010 at 1:31 PM, Alex Eckelberry wrote:
> www.Clearclouddns.com
>
>
>
>
>
>
>
>
>
> *From:* Jeff Frantz [mailto:jfra...@itstechnologies.com]
> *Sent:* Wednesday, September 15, 2010 1:11 PM
>
> *To:* NT System Admi
Organization
Email:ezi...@lifespan.org
Cell:401-639-3505
From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Thursday, September 16, 2010 8:44 AM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware
ClearCloudDNS is probably a very good option for home u
> Network Engineer
>
> Lifespan Organization
>
> Email:ezi...@lifespan.org
>
> Cell:401-639-3505
>
>
>
> *From:* Jonathan Link [mailto:jonathan.l...@gmail.com]
> *Sent:* Thursday, September 16, 2010 8:29 AM
>
> *To:* NT System Admin Issues
> *Subject:* R
[mailto:jonathan.l...@gmail.com]
Sent: Thursday, September 16, 2010 8:29 AM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware
I've been using OpenDNS since the DNS poisoning problem was widely
reported...last year? Year before?
Not only that, seem
t;>>
>>>
>>>
>>>
>>>
>>>
>>> *From:* Alex Eckelberry [mailto:al...@sunbelt-software.com]
>>> *Sent:* Wednesday, September 15, 2010 12:58 PM
>>>
>>> *To:* NT System Admin Issues
>>> *Subject:* RE: #*
ps. :)
>>
>>
>>
>>
>>
>>
>>
>> *From:* Alex Eckelberry [mailto:al...@sunbelt-software.com]
>> *Sent:* Wednesday, September 15, 2010 12:58 PM
>>
>> *To:* NT System Admin Issues
>> *Subject:* RE: #*&$&% "Security Tools
see if it helps. :)
>
>
>
>
>
>
>
> *From:* Alex Eckelberry [mailto:al...@sunbelt-software.com]
> *Sent:* Wednesday, September 15, 2010 12:58 PM
>
> *To:* NT System Admin Issues
> *Subject:* RE: #*&$&% "Security Tools" Malware
>
>
s not horribly painful, but it gets old doing it again and
again.
>
>
>
> John Hornbuckle
> MIS Department
> Taylor County School District
> www.taylor.k12.fl.us
>
>
>
>
>
> From: MMF [mailto:mmfree...@ameritech.net]
> Sent: Wednesday, September
Trying it now. Love the concept-let's see if it helps. :)
From: Alex Eckelberry [mailto:al...@sunbelt-software.com]
Sent: Wednesday, September 15, 2010 12:58 PM
To: NT System Admin Issues
Subject: RE: #*&$&% "Security Tools" Malware
Btw, we update the malware URLs of
M
To: NT System Admin Issues
Subject: RE: #*&$&% "Security Tools" Malware
Do you do URL filtering? I work on the theory A/V should be the last line,
stop them getting there in the first place.
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: 15 September 2010
or.k12.fl.us<http://www.taylor.k12.fl.us>
From: MMF [mailto:mmfree...@ameritech.net]
Sent: Wednesday, September 15, 2010 8:39 PM
To: NT System Admin Issues
Subject: RE: #*&$&% "Security Tools" Malware
John is absolutely correct. My brother got this a couple of weeks ago and aske
On 15 Sep 2010 at 14:45, Alex Eckelberry wrote:
> In my discussions with Malwarebytes, they have indicated that they are ok
> with the use of Malwarebytes in a commercial environment for a "one-time use
> to clean an infected system" -- at least as it regards the website
> vipre.malwarebytes.org.
5, 2010 12:56 PM
To: NT System Admin Issues
Subject: RE: #*&$&% "Security Tools" Malware
>From what I've seen in digging into "Security Tools," the .exe's aren't
stored in the IT temp folder. I'm finding them elsewhere under the user's
I've pinged them on yours and Vicky's questions.
-Original Message-
From: David Lum [mailto:david@nwea.org]
Sent: Wednesday, September 15, 2010 4:28 PM
To: NT System Admin Issues
Subject: RE: #*&$&% "Security Tools" Malware
I have tried twice to co
2010 2:10 PM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware
On 15 Sep 2010 at 12:55, Alex Eckelberry wrote:
>
> http://vipre.malwarebytes.org/
>
> Free. And the combination really works.
Just remember, only the VIPRE part o
SHOOK = FWB
--
ME2
On Wed, Sep 15, 2010 at 12:43 PM, Andy Shook wrote:
> SUNBELT = GFI
>
>
>
> Shook
>
>
>
> *From:* Micheal Espinola Jr [mailto:michealespin...@gmail.com]
> *Sent:* Wednesday, September 15, 2010 3:36 PM
>
> *To:* NT System Admin Issues
>
SUNBELT = GFI
Shook
From: Micheal Espinola Jr [mailto:michealespin...@gmail.com]
Sent: Wednesday, September 15, 2010 3:36 PM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware
But it doesnt run in "real-time" unless you buy it. And, these da
But it doesnt run in "real-time" unless you buy it. And, these days, its a
useless "security" product unless you do. Otherwise you are only scanning
what is already on your computer. You want something like Malwarebytes to
prevent that from happening in the first place. Otherwise, those buggers
;
> Alex
>
>
> -Original Message-
> From: Angus Scott-Fleming [mailto:angu...@geoapps.com]
> Sent: Wednesday, September 15, 2010 2:10 PM
> To: NT System Admin Issues
> Subject: Re: #*&$&% "Security Tools" Malware
>
> On 15 Sep 2010 at 12:55, Ale
ues
Subject: Re: #*&$&% "Security Tools" Malware
On 15 Sep 2010 at 12:55, Alex Eckelberry wrote:
>
> http://vipre.malwarebytes.org/
>
> Free. And the combination really works.
Just remember, only the VIPRE part of that page is free. On that page, quite
pr
Sent: Wednesday, September 15, 2010 2:14 PM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware
Huh?
You add it to DNS servers, not DCs. Not all DCs are DNS Servers and vice
versa.
Also, you can add it from the same DNS snap-in. IIRC, it should see all
> -Original Message-
> From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk]
> Sent: Wednesday, September 15, 2010 2:03 PM
> To: NT System Admin Issues
> Subject: RE: #*&$&% "Security Tools" Malware
>
> Pretty much.
>
> Your internal clients
On 15 Sep 2010 at 12:55, Alex Eckelberry wrote:
>
> http://vipre.malwarebytes.org/
>
> Free. And the combination really works.
Just remember, only the VIPRE part of that page is free. On that page, quite
prominently, is this:
"(Malwarebytes' Anti-Malware is free for non-com
On 15 Sep 2010 at 13:11, Jeff Frantz wrote:
> I have not tried it yet but Trend Micro has a free browser add-on which
> is supposed protect the browser from infiltrations. It may be worth a try on
> one or two PCs where the users are malware magnets.
> http://free.antivirus.com/web-protection
esday, September 15, 2010 2:03 PM
To: NT System Admin Issues
Subject: RE: #*&$&% "Security Tools" Malware
Pretty much.
Your internal clients should always point to your DC's (if they don't things
will stop working and you'll have a very bad day), your DC's the
ention is "pure" DNS
other than blocking malware sites and no advertising every time you mistype a
URL etc.
-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
Sent: 15 September 2010 18:59
To: NT System Admin Issues
Subject: RE: #*&$&% "
Correct
From: Richard Stovall [mailto:rich...@gmail.com]
Sent: Wednesday, September 15, 2010 1:53 PM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware
If you have a Windows AD domain, your DHCP scopes should point your clients to
your INTERNAL DNS
They are on anycast nodes
-Original Message-
From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk]
Sent: Wednesday, September 15, 2010 1:52 PM
To: NT System Admin Issues
Subject: RE: #*&$&% "Security Tools" Malware
Woah don't do that. You want your AD DNS s
PM
To: NT System Admin Issues
Subject: RE: #*&$&% "Security Tools" Malware
Woah don't do that. You want your AD DNS so that clients point to your
domain controllers/AD DNS servers and your DNS servers either use Sunbelt as
forwarders, or root hints.
Alex, ignoring the IP addres
...@gmail.com]
Sent: Wednesday, September 15, 2010 12:30 PM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware
An occasional one manages to slip past VIPRE but they're rare. We've also found
that they tend to appear after a reboot even when t
ctory, or should I just push that out through DHCP?
>
>
>
> From: Alex Eckelberry [mailto:al...@sunbelt-software.com]
> Sent: Wednesday, September 15, 2010 12:58 PM
> To: NT System Admin Issues
> Subject: RE: #*&$&% "Security Tools" Malware
>
> Btw, we
drich [mailto:jaldr...@blueridgecarpet.com]
Sent: 15 September 2010 18:49
To: NT System Admin Issues
Subject: RE: #*&$&% "Security Tools" Malware
Cool... Can I add that as an alternative to my ISP's DNS in my Active
Directory, or should I just push that out through DH
From: Alex Eckelberry [mailto:al...@sunbelt-software.com]
Sent: Wednesday, September 15, 2010 12:55 PM
To: NT System Admin Issues
Subject: RE: #*&$&% "Security Tools" Malware
http://vipre.malwarebytes.org/
Free. And the combination really works.
From: John Hornbuckle [mailt
org]
Sent: Wednesday, September 15, 2010 12:39 PM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware
There's always the chance you are missing some things...
1. I know of no AV product which scans an NTUSER.DAT file. If the user
associated with t
Not right now... it's focused just on malware sites.
From: Roger Wright [mailto:rhw...@gmail.com]
Sent: Wednesday, September 15, 2010 1:35 PM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware
Any plans to include content filtering in ClearCloud?
gt;
>
>
>
>
>
>
>
> *From:* Jeff Frantz [mailto:jfra...@itstechnologies.com]
> *Sent:* Wednesday, September 15, 2010 1:11 PM
>
> *To:* NT System Admin Issues
> *Subject:* RE: #*&$&% "Security Tools" Malware
>
>
>
> John,
>
>
>
www.Clearclouddns.com
From: Jeff Frantz [mailto:jfra...@itstechnologies.com]
Sent: Wednesday, September 15, 2010 1:11 PM
To: NT System Admin Issues
Subject: RE: #*&$&% "Security Tools" Malware
John,
I have not tried it yet but Trend Micro has a free browser add-on which is
Fine, except some "well known and trusted" sites get compromised on
occasion. This is one route by which malicious PDF files hit folks via
"drive by" infections.
--
richard
"Paul Hutchings" wrote on 09/15/2010 12:07:40
PM:
> Do you do URL filtering? I work on the theory A/V should be the
>
John,
I have not tried it yet but Trend Micro has a free browser add-on which is
supposed protect the browser from infiltrations. It may be worth a try on one
or two PCs where the users are malware magnets.
http://free.antivirus.com/web-protection-add-on/
-Jeff
__
Well, sometimes it does, sometimes it does not...
A short time ago I gave a couple of "problems". That is, the _real_
malware is hidden. Scans find the secondary downloaded malware but not
the real culprit. It wasn't until I went looking for "new" files in the
Windows directories that we fin
Vipre seems to be the best antivirus thats is also keeping up well with
malware. The other major players are seriously paling in comparison.
Otherwise, if you are already vested in an antivirus product; suppliment
your systems with dedicated malware protection from something like
Malwarebytes.
-
Do you do URL filtering? I work on the theory A/V should be the last
line, stop them getting there in the first place.
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: 15 September 2010 17:20
To: NT System Admin Issues
Subject: #*&$&% "Security Tools" Malware
The "Sec
+1
That is exactly the combination I was using (sucessfully I might add) even
before the 'merger'.
On Wed, Sep 15, 2010 at 11:55 AM, Alex Eckelberry <
al...@sunbelt-software.com> wrote:
> http://vipre.malwarebytes.org/
>
>
>
> Free. And the combination really works.
>
>
>
> *From:* John Hornbu
Alex Eckelberry [mailto:al...@sunbelt-software.com]
Sent: Wednesday, September 15, 2010 12:55 PM
To: NT System Admin Issues
Subject: RE: #*&$&% "Security Tools" Malware
http://vipre.malwarebytes.org/
Free. And the combination really works.
From: John Hornbuckle [mailto:john.
http://vipre.malwarebytes.org/
Free. And the combination really works.
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Wednesday, September 15, 2010 12:20 PM
To: NT System Admin Issues
Subject: #*&$&% "Security Tools" Malware
The "Security Tools" malware is about to drive
ptember 15, 2010 12:33 PM
To: NT System Admin Issues
Subject: Re: #*&$&% "Security Tools" Malware
"Touching Wood"? Really?!?!
On Wed, Sep 15, 2010 at 9:27 AM, John Aldrich
wrote:
You could always switch to Vipre Enterprise. J That's what we're using here
and
This brand, for lack of a better word seems to be the most pernicious stuff
I've seen.
On Wed, Sep 15, 2010 at 12:20 PM, John Hornbuckle <
john.hornbuc...@taylor.k12.fl.us> wrote:
> The “Security Tools” malware is about to drive me insane. My users keep
> managing to infect themselves with it,
There's always the chance you are missing some things...
1. I know of no AV product which scans an NTUSER.DAT file. If the user
associated with this file is logged in, then it is scanned as a part of
the active registry. If the associated user is logged off, then scans do
not find the ugly th
"Touching Wood"? Really?!?!
On Wed, Sep 15, 2010 at 9:27 AM, John Aldrich
wrote:
> You could always switch to Vipre Enterprise. J That’s what we’re using
> here and it seems to catch it. So far, I don’t think it’s missed a single
> attempt since upgrading to Vipre Enterprise 4. (knocking on / t
Wednesday, September 15, 2010 12:28 PM
To: NT System Admin Issues
Subject: RE: #*&$&% "Security Tools" Malware
You could always switch to Vipre Enterprise. :) That's what we're using here
and it seems to catch it. So far, I don't think it's missed a singl
An occasional one manages to slip past VIPRE but they're rare. We've also
found that they tend to appear after a reboot even when the user is diligent
and immediately kills iexplore.exe.
We set a GP to automatically delete Temp Internet Files when IE is closed -
this eliminates those 123456457.exe
You could always switch to Vipre Enterprise. J That's what we're using here
and it seems to catch it. So far, I don't think it's missed a single attempt
since upgrading to Vipre Enterprise 4. (knocking on / touching wood!)
John-AldrichPerception_2
From: John Hornbuckle [mailto:john.hornbuc.
74 matches
Mail list logo