1. Patch all our computers with MS08-067
2. Get your AV updated with latest signature and make sure that all your PC's are getting updates from your AV server or directly.
3. Configure a full scan every night and make a list of infected nods for rebooting and in some cases send immediately for rebuilding
4. Get your SNORT systems up to date and blocking any RPC ,SMB 445 139 anomaly .
5. Gave a Nessus Scan to your LAN
6. make the folder: %windir%\Tasks - READ ONLY (for variant .b)
7. Disable auto run for all devices in GPO and apply the 967715 fix on your PC's.
8. use the removal tool from BitDefender (http://www.bdtools.net/)
No comments:
Post a Comment