Intrusion Prevention System (IPS)


Security Notifications for TLCs
If ETS or JDL alerts a TLC to a security problem, please address the issue promptly. Notify ETS when complete.
Security Events
Below is actual BCPS data, seen on a daily basis:
TCP_Network_Scan – 63414 Events!
TCP_Service_Sweep – 5661 Events
Let’s work together to clean it up!
Remedy Ticket Created
Email to TLC
The host(s) listed at the bottom of this message have been identified as likely infected with viruses/spyware or have inappropriate software loaded.
I can assist further once you find the computer and perform the tasks listed below. This incident will be tracked through the Remedy system under the ticket listed in the subject line of this email. Please reference this ticket number on all future communication pertaining to the incident.
Thanks for your help and here are the details:
1. Log onto the infected system and download 'Stinger' from the McAfee site: http://vil.nai.com/vil/stinger/ Set the product to scan all the local drives, following the instructions on the site.
2. Install LANDesk onto the system if not already installed.
3. Install McAfee VirusScan onto the system if not already installed.
4. Uninstall inappropriate software such as P2P software (LimeWire, Gnutella, BitTorrent, etc.)
***************************************
INFECTED DEVICE(S):
Operating system :
Name :
IP address:
***************************************
Stinger
Why Stinger?
Free and Reliable
Updated regularly
Vast array of variants covered
Usually does the trick
LANDesk
Install the latest agent.
LANDesk is a district application used for patch management, spyware removal, inventory, remote control and management of devices.
Manually run patches:
http://browardlandesk.broward.k12.fl.us/cleanme.bat
McAfee VirusScan
Install it, update it, and run scans on a regular basis. Install the EPO Agent.
PC Link:
http://servicedesk/WINDOWS/Antivirus/McAfee%20Installs/
MAC Link:
http://servicedesk/OSX/Virex-VirusScan/
Peer to Peer (P2P) Applications
• Usually load at startup by default
• Generate tons of traffic
• Generate alarms on security devices
• Inappropriate on BCPS Network