Security Basicsmailing list archives
Re: Network Segregation to prevent spread of malware
From: Jeffrey Walton <noloader () gmail com>
Date: Wed, 23 Jan 2013 08:49:14 -0500
On Wed, Jan 23, 2013 at 8:07 AM, Rob <synja () synfulvisions com> wrote:
Additionally, the services commonly used for worm propagation (RDP/TS, RPC, etc) are also used heavily for domain operations anyway.
The Worm Wars FTW (Sasser vs Netsky vs Bagle, etc)! They werespreading, uninstalling other worms, and then patching the host tokeep the other worms out. And spreading using FTP, TFTP, SMB, etc.That goodness the worms were patching hosts. The administrators weredoing a poor job and needed the help.Jeff
-----Original Message-----From: Jerry Bell <jerry () riskologist com>Sender: listbounce () securityfocus comDate: Wed, 23 Jan 2013 07:07:25To: tomright006 () gmail com<tomright006 () gmail com>Cc: security-basics () securityfocus com<security-basics () securityfocus com>Subject: Re: Network Segregation to prevent spread of malwareHi Tom,The answer is 'it depends', but probably no. If you are talking about a classic company network and dividing workstations into separate networks to prevent cross contamination, you have to consider the pivot points for most malware - email, file shares, etc, which can still allow malware to propagate between networks even if no traffic is allowed directly between them. Some kinds of malware, notably worms who propagate directly from one system to another via some kind of remotely exploitable vulnerability, would be contained by network segmentation, however those sorts of events are becoming increasingly rare (however when they do happen, they tend to be big events).JerrySent from my iPhoneOn Jan 22, 2013, at 5:33 PM, tomright006 () gmail com wrote:Hello All,I need few tips on Network Segregation to prevent spread of Malware. Can I avoid Malware spreading from one network segment to another just by segregating network with access list or firewalls?
------------------------------------------------------------------------Securing Apache Web Server with thawte Digital CertificateIn this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1------------------------------------------------------------------------
Current thread:
- Network Segregation to prevent spread of malwaretomright006 (Jan 22)
- Re: Network Segregation to prevent spread of malwareJerry Bell (Jan 23)
- Re: Network Segregation to prevent spread of malwareRob (Jan 23)
- Re: Network Segregation to prevent spread of malwareJeffrey Walton (Jan 23)
- RE: Network Segregation to prevent spread of malwareDaniel Buentello (Corp - MEIMail) (Jan 23)
- Re: Network Segregation to prevent spread of malwareSteve Figures (Jan 23)
- RE: Network Segregation to prevent spread of malwareMcmillan, Arlan (Jan 27)
- RE: Network Segregation to prevent spread of malwareDavid Gillett (Jan 23)
- Re: Network Segregation to prevent spread of malwareDaKahuna (Jan 23)
- Re: Network Segregation to prevent spread of malwareMichael Peppard (Jan 23)
- Re: Network Segregation to prevent spread of malwareRob (Jan 23)
- AW: Network Segregation to prevent spread of malwareMohammad Ilyas (Jan 23)
- RE: Network Segregation to prevent spread of malwareMohammad Ellyas Bin Hashim (Jan 24)
- Re: Network Segregation to prevent spread of malwareDave, Manish, R. - ESIL (MUM) (Jan 23)
- Re: Network Segregation to prevent spread of malwareSagar (Jan 24)
- Re: Network Segregation to prevent spread of malwareJerry Bell (Jan 23)