Re: WindowsXP - how can I stop viruses from running their own SMTP engine?

From: C. Griffin (C.Griffin.13vesz_at_mail.mcse.ms)
Date: 03/29/04


Date: Mon, 29 Mar 2004 01:47:55 -0600


Mr. Heaysman:

The easiest way, while not the least expensive way, is for your company
to set up its own "Exchange" mail server and have it run through an "ISA
Server" in the DMZ.

In this way you can control the incoming flow of the e-mails, including
web-based e-mail. I would also strongly advise you to obtain
Symantec's Enterprise Corporate Edition AntiVirus program.

You would need to remove the individual AV programs running on your
desktops and install the Symantec EE Antivirus client on each desktop.

This can be pushed out to the individual workstations through Group
Policy from the server (i.e. Domain Controller).

With the EE AV program installed on your server and the use of the
Microsoft ISA server, which, by the way, has its own built-in and
extremely effective firewall, and the AV client installed on the
desktops, your risk of infection from viruses is greatly reduced.

This would result in corporate-wide AV protection, while reducing
the workload of your network administrator, since all of the AV and ISA
administration can be centrally controlled.

As I said previously, this is not the least expensive way, but the
initial cost will be recovered due to the reduced investment in service
calls and downtime due to virus infections.

However, this is no substitution or replacement for the continuing
education of your employees to ensure safe practices and following
corporate policy regarding opening of ANY untrusted correspondence.

I hope this may be helpful.

If you need any further assistance feel free to contact me.

Glen Heaysman wrote:
> *Hi all,
>
> We're running Windows XP on about 350 desktops. We're very strict
> with our user permissions and group policies, etc. Users can't see
> C:\ drive, they can't install apps, they can't write the registry,
> they can't write to c:\windows, etc, etc.
>
> While we have a corporate firewall in place and desktop anti-virus
> scanners as a security measure - how can I stop Windows XP from
> allowing a virus to run its own SMTP engine?
>
> I don't want to license, install and manage personal firewalls on
> each desktop PC but how else can I stop viruses from bringing along
> their own SMTP engine? Is there something in Group Policy?
>
> My fear is having a desktop PC where the anti-virus software has
> stopped running (for whatever reason) and a user opens email from a
> web-based mail provider. What's to stop the SMTP engine from loading
> and doing damage? The email isn't coming in through the firewall in
> this instance - it's just Port 80 traffic.
>
> Any ideas would be greatly appreciated.
>
> Thanks,
> Glen *

--
C. Griffin
------------------------------------------------------------------------
Posted via http://www.mcse.ms
------------------------------------------------------------------------
View this thread: http://www.mcse.ms/message517723.html
 

