Wednesday, April 8, 2009

Conficker Preparations Tips

1. Patch all our computers with MS08-067

2. Get your AV updated with latest signature and make sure that all your PC's are getting updates from your AV server or directly.

3. Configure a full scan every night and make a list of infected nods for rebooting and in some cases send immediately for rebuilding

4. Get your SNORT systems up to date and blocking any RPC ,SMB 445 139 anomaly .

5. Gave a Nessus Scan to your LAN

6. make the folder: %windir%\Tasks - READ ONLY (for variant .b)

7. Disable auto run for all devices in GPO and apply the 967715 fix on your PC's.

8. use the removal tool from BitDefender (

No comments:

Post a Comment