How does my company protect itself from botnets?

I run a small business and I am worried about botnets. Botnets were responsible for 90% of spam in 2008, so how does my company go about protecting itself from these "robot" computer networks?

Eero
Posted on July 20, 2009

Usually the power to build secure systems and networks comes from years of experience, but I can give you some hints for this.

1. Buy a good hardware UTM firewall (WatchGuard is easy to use).
2. Learn how to use and configure it to its limits.
3. Learn more about TCP/IP.

Some tips for firewall rules:

1. Block all IRC traffic, since botnets usually use an IRC communication channel for control.
2. Limit SMTP connections to only those from the internal mail server to the operator's smart host. No direct SMTP connections!
3. Drop all MS executable attachments on mails.

Some tips for security:

1. Patch all servers and workstations regularly and use virus and spyware protection and internal firewall software.
2. Use secure operating systems if possible (Linux).
3. Kill Internet Explorer on workstations and use Firefox!

Eero,
RHCE
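
A way to check that the IRC and SMTP firewall rules from the answer above are actually holding, as an added example that is not part of the original post: it scans firewall connection logs for outbound flows that break either rule. The log format, the addresses and the port lists are assumptions made for illustration.

```python
import ipaddress
import re

# Assumed addresses for illustration; replace with your own.
INTERNAL_NET = ipaddress.ip_network("192.168.1.0/24")
MAIL_SERVER = ipaddress.ip_address("192.168.1.10")
SMART_HOST = ipaddress.ip_address("203.0.113.25")

SMTP_PORTS = {25, 465, 587}
# Conventional IRC ports only; a bot on another port needs protocol inspection.
IRC_PORTS = set(range(6660, 6670)) | {6697}

LINE_RE = re.compile(r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)")

# Constructed sample log lines (hypothetical format, not a vendor's).
SAMPLE_LOG = """\
2009-07-20T09:00:01 ALLOW src=192.168.1.10 dst=203.0.113.25 dport=25
2009-07-20T09:00:07 ALLOW src=192.168.1.57 dst=198.51.100.9 dport=25
2009-07-20T09:01:12 ALLOW src=192.168.1.57 dst=198.51.100.44 dport=6667
2009-07-20T09:02:30 ALLOW src=192.168.1.10 dst=198.51.100.9 dport=25
2009-07-20T09:03:00 ALLOW src=192.168.1.23 dst=198.51.100.80 dport=80
garbled line without fields
"""

def audit_egress(log_text):
    """Return (src, dst, dport, reason) for each outbound flow breaking policy."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # skip lines that do not parse
        try:
            src = ipaddress.ip_address(m["src"])
            dst = ipaddress.ip_address(m["dst"])
        except ValueError:
            continue  # skip lines with malformed addresses
        dport = int(m["dport"])
        if src not in INTERNAL_NET or dst in INTERNAL_NET:
            continue  # only internal-to-external traffic is in scope
        if dport in IRC_PORTS:
            findings.append((str(src), str(dst), dport, "irc-egress"))
        elif dport in SMTP_PORTS and src != MAIL_SERVER:
            findings.append((str(src), str(dst), dport, "direct-smtp"))
        elif dport in SMTP_PORTS and dst != SMART_HOST:
            findings.append((str(src), str(dst), dport, "smtp-not-via-smart-host"))
    return findings

if __name__ == "__main__":
    for finding in audit_egress(SAMPLE_LOG):
        print(finding)
```

Any finding on an ALLOW line means a rule is missing or too broad; a workstation that shows up under `direct-smtp` or `irc-egress` is worth checking for infection.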

Tony Harbon
Posted on July 21, 2009

If you have a small company with limited technical capability, I would recommend outsourcing email security to a managed email security provider that employs "Reputation Filtering" technology to identify rogue senders. We are a reseller and recommend Trend Micro Interscan Messaging Hosted Security, but there are a number of managed service providers who provide a good service. Try Googling "managed email security" for a short list of suppliers.

Karl Geppert
CTO, Chemwatch
Posted on July 21, 2009

Outsourced services are the way to do it. We have used the MessageLabs service to filter email and to act as an active web proxy for all traffic. We block access to the web except through the proxy and that covers all primary routes of access to the network.


5 things you can do to mitigate the vast majority of the risk, that cost you almost nothing.

1. Set all your systems (assuming Windows or Mac on the desktop) to auto-patch automatically.

2. Don't use IE6 or IE7 as your default browser. Use Firefox or IE8. Note that if you do use Firefox, you MUST keep it patched to current, otherwise you're no better off than using the old versions of IE.

3. Use a modern email client. There are many businesses out there using very old unpatched versions of Outlook or Outlook Express. Get at least to XP and fully patched, and a large portion of the email-based attack vectors are eliminated.

4. Keep the other critical apps patched. Flash, Acrobat Reader, QuickTime, and Firefox. These are becoming the most commonly attacked platforms nowadays.

5. Run as non-admin. Out of this list, this is the hardest (though it's easier with Vista, W7, and Mac) to do, but also the most effective. The vast majority of malware will just bounce off your system if you're running as non-admin.

If you do these things, you will be in excellent shape. At that point, add anti-virus, and maybe a gateway-based or outsourced email scanner, and you've got tremendous defense-in-depth.

The bottom line is that you don't have to spend money to protect yourself. It's no different than changing the oil on your car periodically and not running in the summer low on coolant. Simple preventative measures and best practices are an easier way.

Good luck!

Andrew Hollamon
http://www.dmnsys.com/
